US5724425A - Method and apparatus for enhancing software security and distributing software - Google Patents
Method and apparatus for enhancing software security and distributing software Download PDFInfo
- Publication number
- US5724425A US5724425A US08/258,244 US25824494A US5724425A US 5724425 A US5724425 A US 5724425A US 25824494 A US25824494 A US 25824494A US 5724425 A US5724425 A US 5724425A
- Authority
- US
- United States
- Prior art keywords
- software
- key
- cryptographic
- computer
- public
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
- 238000000034 method Methods 0.000 title claims description 138
- 230000002708 enhancing effect Effects 0.000 title description 3
- 238000012795 verification Methods 0.000 claims abstract description 12
- 238000009826 distribution Methods 0.000 claims description 18
- 238000004590 computer program Methods 0.000 claims description 11
- 238000012797 qualification Methods 0.000 claims description 2
- 239000000284 extract Substances 0.000 abstract description 8
- 238000004891 communication Methods 0.000 description 46
- 230000006870 function Effects 0.000 description 42
- 239000000047 product Substances 0.000 description 31
- 238000004422 calculation algorithm Methods 0.000 description 29
- 230000008569 process Effects 0.000 description 27
- 239000013598 vector Substances 0.000 description 21
- 238000007726 management method Methods 0.000 description 19
- 230000004044 response Effects 0.000 description 19
- 238000012360 testing method Methods 0.000 description 19
- 238000011160 research Methods 0.000 description 16
- 238000013459 approach Methods 0.000 description 14
- 238000005516 engineering process Methods 0.000 description 12
- 238000004458 analytical method Methods 0.000 description 11
- 241000700605 Viruses Species 0.000 description 10
- 230000008901 benefit Effects 0.000 description 10
- 238000013478 data encryption standard Methods 0.000 description 10
- 238000013461 design Methods 0.000 description 10
- 238000011161 development Methods 0.000 description 10
- 230000018109 developmental process Effects 0.000 description 10
- 230000007246 mechanism Effects 0.000 description 9
- 238000012546 transfer Methods 0.000 description 9
- 230000001010 compromised effect Effects 0.000 description 8
- 238000012545 processing Methods 0.000 description 8
- 241000321453 Paranthias colonus Species 0.000 description 7
- 230000001413 cellular effect Effects 0.000 description 6
- 239000002131 composite material Substances 0.000 description 6
- 230000007774 longterm Effects 0.000 description 6
- 238000004364 calculation method Methods 0.000 description 5
- 230000001965 increasing effect Effects 0.000 description 5
- 230000002452 interceptive effect Effects 0.000 description 5
- 238000004519 manufacturing process Methods 0.000 description 5
- 239000000463 material Substances 0.000 description 5
- 239000011159 matrix material Substances 0.000 description 5
- 238000012544 monitoring process Methods 0.000 description 5
- 230000009466 transformation Effects 0.000 description 5
- 230000006378 damage Effects 0.000 description 4
- 230000008520 organization Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 238000004870 electrical engineering Methods 0.000 description 3
- 239000000796 flavoring agent Substances 0.000 description 3
- 235000019634 flavors Nutrition 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000008450 motivation Effects 0.000 description 3
- 230000036961 partial effect Effects 0.000 description 3
- 230000002829 reductive effect Effects 0.000 description 3
- 238000013515 script Methods 0.000 description 3
- 230000001360 synchronised effect Effects 0.000 description 3
- 241000534431 Hygrocybe pratensis Species 0.000 description 2
- 241001620634 Roger Species 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 2
- AIXMJTYHQHQJLU-UHFFFAOYSA-N chembl210858 Chemical compound O1C(CC(=O)OC)CC(C=2C=CC(O)=CC=2)=N1 AIXMJTYHQHQJLU-UHFFFAOYSA-N 0.000 description 2
- 230000003203 everyday effect Effects 0.000 description 2
- 238000000605 extraction Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 208000015181 infectious disease Diseases 0.000 description 2
- 208000037805 labour Diseases 0.000 description 2
- 230000003340 mental effect Effects 0.000 description 2
- 238000012856 packing Methods 0.000 description 2
- 230000009467 reduction Effects 0.000 description 2
- 230000002441 reversible effect Effects 0.000 description 2
- 238000000926 separation method Methods 0.000 description 2
- 238000003860 storage Methods 0.000 description 2
- 239000000126 substance Substances 0.000 description 2
- 201000009032 substance abuse Diseases 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 239000006163 transport media Substances 0.000 description 2
- 102100032137 Cell death activator CIDE-3 Human genes 0.000 description 1
- 101000775558 Homo sapiens Cell death activator CIDE-3 Proteins 0.000 description 1
- 241000969106 Megalaima haemacephala Species 0.000 description 1
- 241000479842 Pella Species 0.000 description 1
- 238000012356 Product development Methods 0.000 description 1
- 101150108015 STR6 gene Proteins 0.000 description 1
- 101100386054 Saccharomyces cerevisiae (strain ATCC 204508 / S288c) CYS3 gene Proteins 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000003213 activating effect Effects 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000007792 addition Methods 0.000 description 1
- 239000000654 additive Substances 0.000 description 1
- 230000000996 additive effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 239000003086 colorant Substances 0.000 description 1
- 238000004040 coloring Methods 0.000 description 1
- 239000013065 commercial product Substances 0.000 description 1
- 238000005056 compaction Methods 0.000 description 1
- 230000000295 complement effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000005520 cutting process Methods 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000000354 decomposition reaction Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 230000000593 degrading effect Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000003292 diminished effect Effects 0.000 description 1
- 230000003467 diminishing effect Effects 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 235000013601 eggs Nutrition 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 238000009472 formulation Methods 0.000 description 1
- XDDAORKBJWWYJS-UHFFFAOYSA-N glyphosate Chemical compound OC(=O)CNCP(O)(O)=O XDDAORKBJWWYJS-UHFFFAOYSA-N 0.000 description 1
- 238000010348 incorporation Methods 0.000 description 1
- 239000004615 ingredient Substances 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000011835 investigation Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 230000007935 neutral effect Effects 0.000 description 1
- 230000000803 paradoxical effect Effects 0.000 description 1
- 230000002028 premature Effects 0.000 description 1
- 238000007639 printing Methods 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 150000003839 salts Chemical class 0.000 description 1
- 230000035945 sensitivity Effects 0.000 description 1
- 230000035939 shock Effects 0.000 description 1
- 238000001629 sign test Methods 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
- 229910052709 silver Inorganic materials 0.000 description 1
- 239000004332 silver Substances 0.000 description 1
- 101150035983 str1 gene Proteins 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
- 238000000844 transformation Methods 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
- 238000012384 transportation and delivery Methods 0.000 description 1
- 230000017105 transposition Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
- G06F2211/008—Public Key, Asymmetric Key, Asymmetric Encryption
Definitions
- the present invention relates to the use of public key encryption, and more particularly, the present invention relates to the use of public key encryption to achieve enhanced security and product authentication in the distribution of software.
- Public key encryption is based on encryption algorithms that have two keys. One key used for encryption, and the other key is used for decryption. There is a known algorithm that computes the second key given the first. However, without full knowledge of all the parameters, one cannot compute the first key given the second key.
- the first key is referred to as the "private key”
- the second key is referred to as the "public key”.
- either the private key or the public key may be used to encrypt a message, with the opposite key used to decrypt it. In general, the private key must be kept private, but the public key may be provided to anyone.
- Public key cryptography is used to send secure messages across public communication links on which an intruder may eavesdrop, and solves the problem of sending the encryption password to the other side securely.
- Public key systems may also be used to encrypt messages, and also to effectively sign messages, allowing the received party to authenticate the sender of the message.
- the sender computes a message digest from the data using specially designed cryptographically strong digests designed for this purpose.
- the sender uses the private key to encrypt the message digest, wherein this encrypted message digest is called a digital "signature".
- the sender then packages the data, the message digest and the public key together.
- the receiver may check for tampering by computing the message digest again, then decrypting the received message digest with the public key. If the recomputed and decrypted message digests are identical, there was no tampering of the data.
- Viruses and worms are computer code cleverly inserted into legitimate programs which are subsequently executed on computers. Each time the program is executed the virus or worm can cause damage to the system by destroying valuable information, and/or further infect and spread to other machines on the network. While there are subtle differences between a virus and a worm, a critical component for both is that they typically require help from an unsuspecting computer user to successfully infect a computer or a corporate network.
- Firewalls generally restrict Internet file transfers and telnet connections. Such transfers and connections can only be initiated from within the corporate network, such that externally initiated file transfers and telnet connections are refused by the firewall. Firewalls allow electronic mail and network news to freely flow inside the firewall's private network.
- the use of corporate firewalls allows employees to readily exchange information within the corporate environment, without having to adopt extreme security measures. A good firewall implementation can defend against most of the typical frontal assaults on system security.
- One method of preventing viruses and worms from infecting a corporate network is to never execute a program that may contain viruses.
- programs legitimately deployed throughout the corporate network should be considered virus free.
- All binary executables, all unreviewed shell scripts, and all source code fetched from outside the firewall are software that may contain a worm or virus.
- outside binary executables, shell scripts, and source code may enter a corporate firewall through an E-mail attachment.
- the shell scripts that are used to make and send multiple files using E-mail and the surveytools that start up by activating the E-mail attachment may allow virus entry.
- Executables can also be directly fetched through the iftp program, through a world-wide web browser such as Mosaic, or from an outside contractor whose network has already been compromised.
- a user has no mechanism to authenticate that the software sold is actually from the manufacturer shown on the label. Unauthorized copying and the sale of software is a significant problem, and users who believe that they are buying software with a manufacturer's warranty instead purchase pirated software, with neither a warranty nor software support.
- the problem of authenticating the original source of the software is accentuated when software is intended to be distributed through networks, and a user's source for the software may be far removed from the original writer of the software.
- a user does not have that ability to verify that the software purchased contains only the original manufacturer's code.
- a user also does not have a method for detecting any tampering, such as the existence of a virus, that may cause undesirable effects.
- the present invention provides a method and apparatus for authenticating that software distributed by a manufacturer is a legitimate copy of an authorized software release, and that the software contains only the original manufacturers code without tampering.
- the present invention solves the above identified problems through the use of a "software passport" which includes the digital signature of the application writer and manufacturer.
- the present invention may also be used to protect intellectual property, in the form of copyrighted computer code, by utilizing cryptographic techniques referred to herein as public key encryption.
- the present invention provides a method and apparatus utilizing public key encryption techniques for enhancing software security and for distributing software.
- the present invention includes a first computer which is provided with source code to be protected using the teachings of the present invention.
- a software application writer's private key along with an application writer's license provided to the first computer.
- An application writer generally means a software company such as Microsoft Corporation, Adobe or Apple Computer, Inc.
- the application writer's license includes identifying information such as the application writer's name as well as the application writer's public key.
- a compiler program executed by the first computer compiles the source code into binary code, and computes a message digest for the binary code.
- the first computer then encrypts the message digest using the application writer's private key, such that the encrypted message digest is defined as a digital "signature" of the application writer.
- a software passport is then generated which includes the application writer's digital signature, the application writer's license and the binary code. The software passport is then distributed to a user using any number of software distribution models known in the industry.
- a user upon receipt of the software passport, loads the passport into a computer which determines whether the software passport includes the application writer's license and digital signature. In the event that the software passport does not include the application writer's license, or the application writer's digital signature, then the user's computer system discards the software passport and does not execute the binary code. As an additional security step, the user's computer computes a second message digest for the software passport and compares it to the first message digest, such that if the first and second message digests are not equal, the software passport is also rejected by the user's computer and the code is not executed. If the first and second message digests are equal, the user's computer extracts the application writer's public key from the application writer's license for verification.
- the application writer's digital signature is decrypted using the application writer's public key.
- the user's computer compares a message digest of the binary code to be executed, with the decrypted application writer's digital signature, such that if they are equal, the user's computer executes the binary code.
- software products distributed with the present invention's software passport permits the user's computer to authenticate the software as created by an authorized application writer who has been issued a valid application writer's license. Any unauthorized changes to the binary code comprising the distributed software is evident through the comparison of the calculated and encrypted message digests.
- a platform builder provides an application writer with a platform builder's digital signature which is included in the application writer's license.
- the first computer compiles the software into binary code and computes a first message digest for the binary code.
- the first computer further encrypts the first message digest using the application writer's private key, such that the encrypted first message digest is defined as the application writer's digital signature.
- a software passport is generated which includes the application writer's digital signature, the application writer's license and the binary code. The software passport is then distributed to a user through existing software distribution channels.
- the user's computing platform which may be a computer, a video game box or a set top box, is provided with the platform builder's public key.
- the computing platform determines if the software passport includes an application writer's license. If it does not, the hardware platform rejects the execution of the code. If a software passport is present, the hardware platform extracts the application writer's license from the passport and determines whether or not the passport includes the platform builder's signature. The platform builder's signature is then decrypted using the public key provided in the platform.
- the computing platform recomputes the message digest of the application writer's license, and compares the received message digest with the recomputed message digest, such that if the digests are not equal, the software passport is not considered genuine and is rejected. If the message digests are equal, the hardware platform extracts the application writer's public key from the application writer's license, and extracts the application writer's digital signature. The hardware platform then recomputes the message digest of the binary code comprising the application software to be executed, and decrypts the application writer's digital signature using the application writer's public key. The hardware platform then compares the recomputed message digest for the binary code with the application writer's decrypted signature, such that if they are equal, the binary code is executed by the hardware platform. If the recomputed message digest and the application writer's decrypted signature are not equal, the software passport is rejected and the code is not executed.
- FIG. 1 illustrates a data processing system incorporating the teachings of the present invention.
- FIG. 2 conceptually illustrates use of the present invention's software passport where the application code and the software passport are provided in separate files.
- FIG. 3 conceptually illustrates use of the present invention's use of the software passport where the application code and the software passport are distributed in the same file.
- FIG. 4 diagrammatically illustrates the present invention's process for generating a software passport.
- FIG. 5 diagrammatically illustrates the use of the present invention for platform producer licensing.
- FIGS. 6a and 6b are flowcharts illustrating the steps executed by the present invention for verifying that a valid software license exists, and that the software writer's ("SW's") signature is valid, prior to permitting the execution of a computer program.
- SW's software writer's
- the operations referred to are machine operations.
- Useful machines for performing the operations of the present invention include general purpose digital computers or other similar devices. In all cases, the reader is advised to keep in mind the distinction between the method operations of operating a computer and the method of computation itself.
- the present invention relates to method steps for operating a computer, coupled to a series of networks, and processing electrical or other physical signals to generate other desired physical signals.
- the present invention also relates to apparatus for performing these operations.
- This apparatus may be specially constructed for the required purposes or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer.
- the method/process steps presented herein are not inherently related to any particular computer or other apparatus.
- Various general purpose machines may be used with programs in accordance with the teachings herein, or it may prove more convenient to construct specialized apparatus to perform the required method steps. The required structure for a variety of these machines will be apparent from the description given below.
- FIG. 1 illustrates a data processing system in accordance with the teachings of the present invention.
- a computer 10 which comprises three major components. The first of these is an input/output (I/O) circuit 12 which is used to communicate information in appropriately structured form to and from other portions of the computer 10.
- I/O input/output
- computer 10 includes a central processing (CPU) 13 coupled to the I/O circuit 12 and a memory 14.
- CPU central processing
- memory 14 coupled to the I/O circuit 12
- the computer 10 may be coupled to a network, in accordance with the teachings herein.
- the computer 10 may further include encrypting and decrypting circuitry incorporating the present invention, or as will be appreciated, the present invention may be implemented in software executed by computer 10.
- a raster display monitor 16 is shown coupled to the I/O circuit 12 and issued to display images generated by CPU 13 in accordance with the present invention. Any well known variety of cathode ray tube (CRT) or other type of display may be utilized as display 16.
- CTR cathode ray tube
- the present invention's software passport identifies a portion of software, or some machine code (hereinafter "code"), in a manner similar to how a physical passport identifies a person.
- code some machine code
- the concept is similar to the real-life passport system which forms the basis of a trust model among different countries.
- Physical passports enable border entry officers to identify each individual and make certain decisions based on his/her passport.
- a software passport is a modern release process for distributing software products.
- a software passport gives a software product an identity and a brand name.
- the software passport provides the basis of a trust model and allows computer users to identify and determine the genuineness of a software product based on the information contained in its passport.
- FIG. 2 the present invention is illustrated in conceptual form for the case where the computer code (comprising a piece of software) and the software passport are in separate files.
- FIG. 3 illustrates the use of the present invention where the computer code comprising a piece of software and the software passport are in the same file.
- the information included in the present invention's software passport may include:
- product information such as the software product's name and any other relevant information to the specific product
- company information including the name of the company or the software application writer who has produced the product
- a validity date which includes the issue date of the software passport and the expiration date of the passport
- the software code body including executable application code distributed to the user
- a digital "signature” is produced by using certain cryptographic techniques of computing a message digest of a piece of software code (hereinafter “code”), and encrypting the message digest using the signer's private key.
- code a piece of software code
- message digest algorithms such as the MD2, MD4, and MD5 algorithms published by RSA, Inc.
- the use of private cryptographic techniques makes this signature very difficult to forge since the signer keeps the private key secret.
- the reader is referred to the papers by Whitfield Diffie, "The First Ten Years of Public Key Cryptography", Vol. 76, No.
- the code changes its message digest reflects any differences.
- this "digital signature" is stamped on the product prior to its release.
- the digital signature associates a product with the entity that has produced it, and enables consumers to evaluate the quality of a product based on the reputation of the producer.
- the signature also permits a consumer to distinguish the genuineness of a product.
- the present invention's software producer's license (at time referred to herein as the "application writer's license”) is an identification similar to the home repair contractor's license issued by a state.
- a software producer's license identifies and certifies that the producer is authorized to perform certain software production activities. It is contemplated that the software producer's license will be issued by some commonly-trusted authority established by the computer software industry. Before issuing an license to a software producer, this authority performs a defined process to authenticate the person or company, and to verify their job skill; as a state does before issuing a contractor's license. For convenience, in this Specification, this commonly-trusted entity is referred to as the Software Publishing Authority ("SPA").
- SPA Software Publishing Authority
- a software producer's license contains the following information:
- a software producer's license associates an application writer with a name and a public key. It enables a software producer to produce multiple products, and to sign every product produced.
- the public key embedded in a license belongs to the person who owns the license. This public key can later be used by any third party to verify the producer's digital signature.
- a user who has purchased a product can determine the genuineness of a product by using the public key embedded in the producer's identification to authenticate the digital signature.
- the SPA's digital signature is generated by computing the message digest of the producer's identification and encrypting the message digest using the SPA's private key. Since the SPA's private key is kept private to the SPA, third parties are not able to easily forge the SPA's signature to produce a fake identification.
- SW software application writer
- the code included in a passport may comprise source code in various computer languages, assembly code, machine binary code, or data.
- the code may be stored in various formats. For example, a piece of source code may be stored in a clear text form in the passport. A portion of binary executable machine code may also be stored in a compacted format in the passport, using certain well known compaction algorithms such as Huffman encoding. The format used in a particular implementation is indicated by a flag in the passport.
- Binary executable code may further be stored in a printable-character set format to allow the passport to be printed. A user would then reverse the printable-format to recover the software.
- code protected by intellectual property, such as copyright or patent may be stored in an encrypted format in the passport. In such case, it is contemplated that a user may be required to pay a license fee prior to gaining access to the software.
- the original source code 20, the application writer's private key 22, and the application writer's license 24 is provided to a compiler 26.
- the application writer's license 24 includes the writer's name 30, the writer's public key 32 and a validity date 34.
- the compiler 26 then compiles the source code 20 into binary code.
- the compiler 26 further computes the message digest of the binary code, and encrypts the message digest using the private key 22 supplied by the application writer. This encrypted message digest constitutes the application writer's signature.
- a digital signature of the application writer is produced and embedded in the passport.
- the compiler 26 also embeds the application writer's license 24 in the passport.
- the application writer's license 24 allows any user who has purchased the product to recognize the maker of the product.
- the application writer's digital signature in the passport allows any user to verify the genuineness of the product.
- the SPA's digital signature in the application writer's license 24 provides the user with the ability to verify that an application writer is a licensed application writer by using SPA's public key to encrypt the signature.
- the generated software passport 38 including the application code is then distributed using any desired software distribution model.
- the passport 38 is received by a user and is executed using an operating system (OS) running on a computer system (“platform”) such as the system of FIG. 1.
- OS operating system
- platform computer system
- platform producers In the electronic game industry and the interactive television cable set-top box industry, platform producers often desire to allow only authorized code to be executed on their particular platform. To be able to control the accessibility of a platform, the received code must be identifiable and the platform must be able to identify the software when it arrives. As illustrated in FIG. 5, the present invention may be applied in a platform producer licensing scheme with particular application for use in settop box and video game environments.
- a platform producer may issue a "programmer's license" to a set of application writers (alternatively referred to as "software writers") who are authorized to write application code for a particular platform.
- a programmer's license issued by a platform producer is similar to the programmer's identification issued by the SPA, except that the license is digitally signed by the platform producer instead of by the SPA.
- the programmer's license contains the following information:
- the issuing authority (the platform producer);
- the platform producer's digital signature the platform producer's digital signature.
- the platform producer's digital signature is generated by computing the message digest of the license, and encrypting the message digest using the platform producer's private key.
- the software produced by a licensed application writer will include a valid passport 50 (see FIGS. 5 and 6a) which contains a genuine writer's digital signature, and a valid application writer's license 52 issued by the platform builder. Any application writer who is not authorized by the platform builder will not possess a valid license. Therefore, the software passport generated by an unauthorized person will either have no valid license or no valid signature.
- the public key 54 of the platform builder is embedded in the platform (e.g., video game) for the verification process.
- the platform extracts the public key 54 embedded in the system to verify that a passport contains a valid application writer's license 52.
- the digital signature in the application writer's license is generated by computing the message digest of the license 52 and encrypting the message digest using the platform builder's private key.
- the system of the present invention can thus recover the original message digest by decrypting the signature using the platform builder's public key 54.
- the verification process of the application writer's license may be accomplished by:
- the passport 50 contains a valid application writer's license if the two message digests are the same. Otherwise the license is not valid.
- the verification process of the present invention is illustrated in the flow chart of FIG. 6(a).
- the application writer might have stolen the license by copying it from some other authorized writer's passport. In this case, the unauthorized writer would not have a correct private key 58 to forge the signature of the authorized writer. It is contemplated that the system will further verify the signature of the application writer 60. It will be recalled that the application writer's digital signature in the passport was generated by computing the message digest of the passport and encrypting the message digest using the application writer's private key 58. The original message digest may be recovered by decrypting the signature using the writer's public key 62 embedded in the application writer's license 52, which is embedded in the passport 50. The application writer's digital signature may then be verified by:
- the signature is valid if the two message digests are the same. Otherwise the passport is not valid and the platform will reject the execution of the software.
- the steps executed by the present invention to verify the application writer's digital signature are illustrated in flow chart for FIG. 6(b).
- the security scheme of the present invention may be used to protect inventions and authorship protected by intellectual property, such as copyrights and patents.
- the one additional procedure that is added to protect intellectual property is that the compiler (e.g. a compiler 68 shown in FIG. 5) generates encrypted byte codes.
- OS platform operating system
- the verification procedures are followed as described above with reference to FIGS. 6(a) and 6(b).
- the operating system requires an additional approval before it is permitted to run the code.
- a cryptographic key is required which essentially results in an IP license to run the code.
- the operating system requests the IP license.
- the operating system verifies that the IP license is signed by the person who authored the code, and then proceeds to decrypt and execute the code.
- third parties do not have the ability to inspect the code since it is encrypted.
- the present invention has disclosed a method and apparatus for enhancing software security.
- the present invention has been described with reference to FIGS. 1-6, it will be apparent that may alternatives, modifications and variations may be made in light of the foregoing description.
- Public-key cryptosystems separate the capacities for encryption and decryption so that 1) many people can encrypt messages in such a way that only one person can read them, or 2) one person can encrypt messages in such a way that many people can read them. This separation allows important improvements in the management of cryptographic keys and makes it possible to ⁇ sign ⁇ a purely digital message.
- Challenge and response identification and one-way functions provide protection against two quite different sorts of threats.
- Challenge and response identification resists the efforts of an eavesdropper who can spy on the communication channel. Since the challenge varies randomly from event to event, the spy is unable to replay it and fool the challenging radar. There is, however, no protection against an opponent who captures the radar and learns its cryptographic keys. This opponent can use what he has learned to fool any other radar that is keyed the same.
- the one-way function defeats the efforts of an intruder who captures the system password table (analogous to capturing the radar) but succumbs to anyone who intercepts the login message because the password does not change with time.
- One subscriber can send a private message to another simply by looking up the addressee's public key and using it to encrypt the message. Only the holder of the corresponding secret key can read such a message; even the sender, should he lose the plaintext, is incapable of extracting it from the ciphertext.
- a subscriber can sign a message by encrypting it with his own secret key.
- anyone with access to the public key can verify that it must have been encrypted with the corresponding secret key, but this is of no help to him in creating (forging) a message with this property.
- the first aspect of public-key cryptography greatly simplifies the management of keys, especially in large communication networks.
- a pair of subscribers In order for a pair of subscribers to communicate privately using conventional end-to-end cryptography, they must both have copies of the same cryptographic key and this key must be kept secret from anyone they do not wish to take into their confidence. If a network has only a few subscribers, each person simply stores one key for every other subscriber against the day he will need it, but for a large network, this is impractical.
- n(n-1)/2 pairs each of which may require a key.
- the second aspect makes it possible to conduct a much broader range of normal business practices over a telecommunication network.
- the availability of a signature that the receiver of a message cannot forge and the sender cannot readily disavow makes it possible to trust the network with negotiations and transactions of much higher value than would otherwise be possible.
- Merkle's original proposal may have been hard to follow, the idea is quite simple.
- Merkle's approach is to communicate a cryptographic key from one person to another by hiding it in a large collection of puzzles. Following the tradition in public-key cryptography the parties to this communication will be called Alice and Bob rather than the faceless A and B, X and Y, or I and J, common in technical literature.
- Each puzzle contains a cryptographic key in a recognizable standard format.
- the puzzle itself is a cryptogram produced by a block cipher with a fairly small key space. As with the number of puzzles, a million is a plausible number.
- Bob receives the puzzles, he picks one and solves it, by the simple expedient of trying each of the block cipher's million keys in turn until he finds one that results in plaintext of the correct form. This requires a large but hardly impossible amount of work.
- Bob uses the key it contains to encrypt a fixed test message, which he transmits to Alice. Alice now tries her million keys on the test message until she finds the one that works. This is the key from the puzzle Bob has chosen.
- n 2 advantage the legitimate communicators have over the intruder is small by cryptographic standards, but sufficient to make the system plausible in some circumstances.
- the plaintext of each puzzle is 96 bits, consisting of 64 bits of key together with a thirty-two bit block of zeros that enables Bob to recognize the right solution.
- the puzzle is constructed by encrypting this plaintext using a block cipher with 20 bits of key. Alice produces a million of these puzzles and Bob requires about half a million tests to solve one. The bandwidth and computing power required to make this feasible are large but not inaccessible.
- a DS1 (1.544 Mbit) channel it would require about a minute to communicate the puzzles. If keys can be tried on the selected puzzle at about ten-thousand per second, it will take Bob another minute to solve it. Finally, it will take a similar amount of time for Alice to figure out, from the test message, which key has been chosen.
- the intruder can expect to have to solve half a million puzzles at half a million tries apiece. With equivalent computational facilities, this requires twenty-five million seconds or about a year. For applications such as authentication, in which the keys are no longer of use after communication is complete, the security of this system might be sufficient.
- Exponential key exchange takes advantage of the ease with which exponentials can be computed in a Galois (finite) field GF(q) with a prime number of q of elements (the numbers ⁇ 0, 1, . . . , q-1 ⁇ under arithmetic modulo q) as compared with the difficulty of computing logarithms in the same field.
- ⁇ is a fixed primitive element of GF(q) (that is the powers of ⁇ produce all the nonzero elements 1, 2, . . . , q-1 of GF(q)), then X is referred to as the logarithm of Y to the base ⁇ , over GF(q):
- the arithmetic of exponential key exchange is not restricted to prime fields; it can also be done in Galois Fields with 2 n elements, or in prime product rings 103!, 68!.
- the ⁇ 2 n ⁇ approach has been taken by several people 64!, 117!, 56! because arithmetic in these fields can be performed with linear shift registers and is much faster than arithmetic over large primes. It has turned out, however, that discrete logarithms can also be calculated much more quickly in ⁇ 2 n ⁇ fields and so the sizes of the registers must be about 50 percent greater.
- the knapsack problem is fancifully derived from the notion of packing gear into a knapsack.
- a shipping clerk faced with an odd assortment of packages and a freight container will naturally try to find a subset of the packages that fills the container exactly with no wasted space.
- the simplest case of this problem, and the one that has found application in cryptography is the one dimensional case: packing varying lengths of fishing rod into a tall thin tube.
- the algorithm for generating keys therefore chooses a random superincreasing cargo vector a' (with a hundred or more components) and keeps this vector secret. It also generates a random integer m, larger than ⁇ a', and a random integer w, relatively prime to m, whose inverse w -1 mod m will be used in decryption.
- the public cargo vector or enciphering key a is produced by multiplying each component of a' by w mod m
- Alice publishes a transposed version of a as her public key, but keeps the transposition, the simple cargo vector a', the multiplier w and its inverse, and the modulus m secret as her private key.
- This process can be iterated to produce a sequence of cargo vectors with more and more difficult knapsack problems by using transformations (w 1 , m 1 ), (w 2 , m 2 ), etc.
- the overall transformation that results is not, in general, equivalent to any single (w, m) transformation.
- the trap-door knapsack system does not lend itself readily to the production of signatures because most elements S of the ciphertext space ⁇ 0 ⁇ S ⁇ a i ⁇ , do not have inverse images. This does not interfere with the use of the system for sending private messages, but requires special adaptation for signature application 71!, 98!. Merkle had great confidence in even the single iteration knapsack system and posted a note on his office offering a $100 reward to anyone who could break it.
- the RSA cryptosystem is a block cipher in which the plaintexts and ciphertexts are integers between 0 and N-1 for some N. It resembles the exponential key exchange system described above in using exponentiation in modular arithmetic for its enciphering and deciphering operations but, unlike that system, RSA must do its arithmetic not over prime numbers, but over composite ones.
- the RSA system makes use of the fact that finding large (e.g., 200 digit) prime numbers is computationally easy, but that factoring the product of two such numbers appears computationally infeasible.
- Alice creates her secret and public keys by selecting two very large prime numbers, P and Q, at random, and multiplying them together to obtain a bicomposite modulus N.
- She makes this product public together with a suitably chosen enciphering exponent e, but keeps the factors, P and Q secret.
- exponentiation modulo N The enciphering process of exponentiation modulo N can be carried out by anyone who knows N, but only Alice, who knows the factors of N, can reverse the process and decipher.
- McEliece's system makes use of the existence of a class of error correcting codes, the Goppa codes, for which a fast decoding algorithm is known. His idea was to construct a Goppa code and disguise it as a general linear code, whose decoding problem is NP-complete. There is a strong parallel here with the trapdoor knapsack system in which a superincreasing cargo vector, whose knapsack problem is simple to solve, is disguised as a general cargo vector whose knapsack problem is NP-complete.
- the secret key In a knapsack system, the secret key consists of a superincreasing cargo vector v, together with the multiplier w and the modulus m that disguise it; in McEliece's system, the secret key consists of the generator matrix G for a Goppa code together with a nonsingular matrix S and a permutation matrix P that disguise it.
- Bob multiplies the received message x by p -1 , decodes xp -1 to get a word in the Goppa code and multiplies this by S -1 to recover Alice's data block.
- McEliece's system has never achieved wide acceptance and has probably never even been considered for implementation in any real application. This may be because the public keys are quite large, requiring on the order of a million bits; it may be because the system entails substantial expansion of the data; or it may be because McEliece's system bears a frightening structural similarity to the knapsack systems whose fate we shall discover shortly.
- Shamir's original attack was narrow. It seemed that perhaps its only consequence would be to strengthen the knapsack system by adding conditions to the construction rules for avoiding the new attack.
- the first response of Gustavus J. Simmons, whose work will dominate a later section, was that he could avoid Shamir's attack without even changing the cargo vector merely by a more careful choice of w and m 16!. He quickly learned, however, that Shamir's approach could be extended to break a far larger class of knapsack systems 16!.
- KDC key distribution center
- Key distribution protocols vary widely depending on the cost of messages, the availability of multiple simultaneous connections, whether the subscribers have synchronized clocks, and whether the KDC has authority not only to facilitate, but to allow or prohibit, communications.
- the following example is typical and makes use of an important property of cryptographic authentication. Because a message altered by anyone who does not have the correct key will fail when tested for authenticity, there is no loss of security in receiving a message from the hands of a potential opponent. In so doing, it introduces, in a conventional context, the concept of a certificate--a cryptographically authenticated message containing a cryptographic key-a concept that plays a vital role in modern key management.
- the KDC responds by sending Alice a pair of certificates. Each contains a copy of the required session key, one encrypted so that only Alice can read it and one so that only Bob can read it.
- a big improvement in both economy and security can be made by the use of public-key cryptography.
- a certificate functions as a letter of introduction. In the protocol above, Alice has obtained a letter that introduces her to Bob and Bob alone. In a network using public-key encryption, she can instead obtain a single certificate that introduces her to any network subscriber 62!.
- the keys that the KDC dispenses are public keys and messages encrypted with these can only be decrypted by using the corresponding secret keys, to which the KDC has no access.
- a public-key network presents the intruder with a much more difficult problem. Even if the KDC has been corrupted and its secret key is known to opponents, this information is insufficient to read the traffic recorded by a passive wiretap.
- the KDC's secret key is useful only for signing certificates containing subscribers' public keys: it does not enable the intruders to decrypt any subscriber traffic. To be able to gain access to this traffic, the intruders must use their ability to forge certificates as a way of tricking subscribers into encrypting messages with phony public keys.
- Each ISDN secure phone has an operating secret-key/public-key pair that has been negotiated with the network's key management facility.
- the public-key portion is embodied in a certificate signed by the key management facility along with such identifying information as its phone number and location. In the call setup process that follows, the phone uses this certificate to convey its public key to other phones.
- Each phone checks the signature on the certificate it has received and extracts from it the other phone's public key.
- each phone displays for its user the identity of the phone with which it is in communication.
- a host nation wants to assure itself that the monitoring nation can monitor only total yield and does not employ an instrument package capable of detecting staging or other aspects of the weapon not covered by the treaty. If the data from the remote seismic observatory are encrypted, the host country cannot tell what they contain.
- Digital signatures provided a perfect solution.
- a digitally signed message from a remote seismic observatory cannot be altered by the host, but can be read.
- the host country can assure itself that the observatory is not exceeding its authority by comparing the data transmitted with data from a nearby observatory conforming to its own interpretation of the treaty language.
- the RSA system was the one best suited to signature applications, so Sandia began building hardware to carry out the RSA calculations. In 1979 it announced a board implementation intended for the seismic monitoring application 106!. This was later followed by work on both low- and high-speed chips 89!, 94!.
- Sandia was not the only hardware builder. Ron Rivest and colleagues at MIT, ostensibly theoretical computer scientists, learned to design hardware and produced a board at approximately the same time as Sandia. The MIT board would carry out an RSA encryption with a one hundred digit modulus in about a twentieth of a second. It was adequate "proof of concept" but too expensive for the commercial applications Rivest had in mind.
- the system to be replaced employed electronic key distribution that allowed the STU-II to bootstrap itself into direct end-to-end encryption with a different key on every call.
- a STU-II made a secure call to a terminal with which it did not share a key, it acquired one by calling a key distribution center using a protocol similar to one described earlier.
- the STU-III is the size of a large conventional telephone and, at about $3000 apiece, substantially cheaper than its predecessor. It is equipped with a two-line display that, like the display of the ISDN secure phone, provides information to each party about the location, affiliation, and clearance of the other. This allows one phone to be used for the protection of information at various security levels.
- the phones are also sufficiently tamper resistant that unlike earlier equipment, the unkeyed instrument is unclassified.
- the caller To make a secure call with a STU-III, the caller first places an ordinary call to another STU-III, then inserts a key-shaped device containing a cryptographic variable and pushes a "go secure" button. After an approximately fifteen second wait for cryptographic setup, each phone shows information about the identity and clearance of the other party on its display and the call can proceed.
- RSA Data Security founded by Rivest, Shamir, and Adleman, the inventors of the RSA cryptosystem, to exploit their patent on RSA and develop products based on the new technology.
- RSA produces a stand-alone software package called Mailsafe for encrypting and signing electronic mail. It also makes the primitives of this system available as a set of embeddable routines called Bsafe that has been licensed to major software manufacturers 9!.
- Cylink is also first to produce a commercially available RSA chip 7!, 31!.
- the CY1024 is, despite its name, a 1028 bit exponential engine that can be cascaded to perform the calculations for RSA encryptions on moduli more than sixteen thousand bits long.
- a single CY1024 does a thousand bit encryption in under half a second-both modulus size and speed currently being sufficient for most applications.
- the modulus has remained the front runner among attacks on the RSA system. As factoring has improved, the modulus size required for security has more than doubled, requiring the system's users to hunt for larger and larger prime numbers in order to operate the system securely. As the numbers grow larger, faster and faster methods for doing modular arithmetic are required. The result has been not only the development of a technical base for public-key cryptography, but an inspiration and source of support for number theory 61!, 65!.
- Prime finding has followed a somewhat different course from factoring. This is in part because there are probabilistic techniques that identify primes with sufficient certainty to satisfy all but perhaps the pickiest of RSA users and in part because primality is not in itself a sufficient condition for numbers to be acceptable as RSA factors.
- the test can be refined by making use of the fact that if n is an odd prime only the numbers 1 and -1 are square roots of 1, whereas if n is the product of distinct odd primes, the number of square roots of unity grows exponentially in the number of factors. If the number n passes the pseudoprime test to base b, it can be further examined to see if ##EQU6## Tests of this kind are called strong pseudoprime tests to base b and very few composite numbers that pass strong pseudoprime tests to more than a few bases are known.
- the factors of the modulus are not random large primes p, but large primes chosen for particular properties of the factors of p-1 91!, 52!.
- Rivest 94! multiplication on a fixed word length processor takes time proportional to the square length of the operands or O(k 2 ). If dedicated serial/parallel hardware is constructed for the purpose, this time can be reduced to O(k). In this case, the number of gates required is also proportional to the lengths of the operands, O(k). The fastest implementations 15! run in time O(log k), but here the hardware requirements grow sharply to O(k 2 ) gates.
- SDNS A network on implementation
- a protocol providing authentication without key exchange is susceptible to an enemy who waits until authentication is complete and then takes over one end of the communications line. Such an attack is not precluded by a key exchange that is independent of authentication. Key exchange should be linked to authentication so that a party has assurances that an exchanged key (which might be used to facilitate privacy or integrity and thus keep authenticity alive) is in fact shared with the authenticated party, and not an imposter. For these reasons, it is essential to keep key exchange in mind in the design and analysis of authentication protocols.
- ⁇ ⁇ Braces indicate a hash function.
- ⁇ x, y ⁇ is the result when a hash function is applied to x concatenated with y.
- s A Alice's secret key for a signature scheme is Alice's signature on x.
- s A ⁇ x ⁇ is Alice's signature on the hashed version of x.
- p A Alice's public key for a signature scheme. If the signature scheme is a public-key cryptosystem, then we define p A ⁇ x ⁇ and p A ,(x) to be Alice's public key encryption function with and without hashing.
- Cert A Alice's certificate, containing Alice's name (and possibly other information), her public key, and a trusted authority T's signature over this information.
- Cert A (Alice, p A , . . . , s t ⁇ Alice, p A , . . . ⁇ ).
- Cert A binds the name Alice to the public key p A . If Alice sends her certificate to Bob and provides evidence that she knows the secret key s A corresponding to p A , then she has provided evidence to Bob that she is in fact Alice.
- Alice begins by sending the random challenge R A to Bob.
- Bob responds with his certificate, his signature on R A and a random challenge R B .
- Alice uses Bob's public key in Cert B to verify Bob's signature, and then responds with her certificate and signature on R B . Finally, Bob verifies Alice's signature.
- Eve begins by initiating the protocol with Bob.
- Bob sends the challenge to Eve
- Eve initiates another instance of the protocol with Alice and gets Alice to sign Bob's challenge.
- Eve can then complete the authentication with Bob and successfully impersonate Alice.
- the main problem here is that the challenged party has no influence over what he will sign. (As a general rule, it is better if both parties have some influence over the quantity signed.)
- the challenger can abuse this protocol to get a signature on any quantity he chooses.
- a particular instantiation of an authentication protocol is referred to as a run.
- a successful run two communicating parties, Alice and Bob, exchange a number of messages at the end of which they have assurances of each other's identities and furthermore, optionally share a secret key known only to them. For every completed run, each party either accepts or rejects the other's identity and optionally an exchanged key. In a successful run, the run is completed and both parties accept.
- the second property of a successful run concerns the records of a protocol run (assuming the participants had each recorded the exchange). To proceed, we require definitions regarding the use of the work match when applied to records of a run (a slightly different definition is given by Bird et al. 5!).
- Matching Records of Runs We say that two records of a run match if their messages can be partitioned into sets of matching messages (each set containing one message from each record), the messages originated by one participant appear in the same order in both records, and the messages originated by the other participant appear in the same order in both records. For simplicity, we do not consider protocols in which messages need not arrive in the order in which they were sent.
- a particular run of a protocol is an insecure run if any party involved in the run, say Alice, executes the protocol faithfully, accepts the identity of another party, and either of the following conditions holds:
- the other party's record of the partial or full run does not match Alice's record.
- the exchanged key accepted by Alice is known to someone other than the party whose identity Alice accepted. (This condition does not apply to authentication without key exchange.)
- a secure protocol is a protocol for which the following conditions hold in all cases where one party, say Alice, executes the protocol faithfully and accepts the identity of another party:
- the other party's record of the partial or full run matches Alice's record.
- An authenticated key exchange protocol provides perfect forward secrecy if disclosure of long-term secret keying material does not compromise the secrecy of the exchanged keys from earlier runs. The property of perfect forward secrecy does not apply to authentication without key exchange.
- Direct Authentication In some authenticated key exchange protocols, authentication is not complete until both parties prove knowledge of the shared secret key by using it in subsequent communications. Such a protocol is called indirect. When authentication is established by the end of each protocol run, the protocol is direct. An indirect protocol can be modified to be direct by adding an exchange of known messages or messages with redundancy encrypted with the exchanged key. For authentication without key exchange, an indirect protocol provides no security because neither party can accept the other's identity.
- Timestamps are convenient for administrative and documentation purposes, it is desirable in practice to avoid relying on their use for security in authentication protocols. Difficulties, precautions, and objections to timestamps are well-documented in the literature 3!, 5!, 13!. For convenience, we summarize the more notable issues below.
- time window for timestamps To use timestamps for authentication, all parties must maintain local clocks that are periodically synchronized in a secure manner with a reliable source of time. Between synchronizations with the reliable time source, local clocks may drift. Two parties, Alice and Bob, must allow a time window for timestamps to compensate for local clock drift and the fact that messages take time to cross a network. Alice will accept any timestamp from Bob that is within a window around the time on Alice's local clock as long as Bob has not used this particular time value before. Alice can either store all time values used by all other parties that are within her current window (which is impractical in some communications environments) or she can store the latest time used by each party and insist on strictly increasing time values from each party.
- STS station-to-station
- the STS protocol has evolved over time; an early version of this work was described at the 1987 International Switching Symposium 21!. We believe that it is secure according to Definition 2 and has a number of other desirable properties. In the remainder of this section, we describe the protocol, discuss its properties, and justify its subtle details by showing how variants of it are vulnerable.
- the STS protocol consists of Diffie-Hellman key establishment 9!, followed by an exchange of authentication signatures.
- the parameters used for the key establishment i.e., the specification of a particular cyclic group and the corresponding primitive element ⁇
- the Diffie-Hellman operation is exponentiation, implying that the underlying group is multiplicative, the description applies equally well to additive groups (e.g., the group of points of an elliptic curve over a finite field).
- Alice knows Bob's authentic public key, and vice versa; this assumption is dropped in the following section.
- the protocol begins with one party, Alice, creating a random number x and sending the exponential ⁇ x to the other party, Bob (see diagram below).
- Bob responds with the exponential ⁇ y and a token consisting of his signature on the exponentials, encrypted with K using a suitable symmetric encryption algorithm E (i.e., E K (s B ⁇ y , ⁇ x ⁇ )).
- Alice computes K, decrypts the token using K, and verifies Bob's signature using Bob's public key.
- Alice sends to Bob her corresponding encrypted signature on the exponentials, E K (s A ⁇ x , ⁇ y ⁇ ).
- Bob similarly verifies Alice's encrypted signature using K and Alice's public key.
- the security of the exponential key exchange relies on the apparent intractability of the discrete logarithm problem 24!.
- the STS protocol has the desirable characteristics discussed in Section 4. Rather than using timestamps, challenges are used. Because the parties demonstrate knowledge of the exchanged key by encrypting their signatures, the authentication is direct. The STS protocol also offers perfect forward secrecy. The only long-term secret keying material stored by users is their secret keys for the signature scheme. If a secret key is compromised, the security of exchanged keys from earlier runs is not affected because Diffie-Hellman key exchange is used; Diffie-Hellman key exchange has no long-term keying material. There are two other desirable properties of the STS protocol. The first is that public key techniques are used to make key management simpler and more secure than is possible using conventional cryptography.
- Eve can compute E 1 (1), and hence can impersonate Alice.
- this attack applies only to a specific case, it illustrates a more general problem in signing only one's own exponential: if Eve can obtain a quantity for which she can acquire or compute the discrete logarithm, and can acquire or compute Alice's signature on the quantity, then Eve can use (and reuse) this quantity as an exponential to impersonate Alice.
- Eve can introduce the second exponential into the data to be signed, an adversary is forced to solve a different instance of the problem in real time each time impersonation is attempted.
- the STS protocol can be reduced to an authentication-only protocol by replacing exponentials with random numbers and removing the encryption on the signatures. If each party were to sign only the other party's exponential, then the authentication-only variant would be subject to the attack on the simple challenge-response outlined in Section 2. Similarly, signing only one's own exponential does not result in a protocol which reduces to a secure authentication-only variation.
- Eve substitutes her own exponentials for Alice's and Bob's exponentials. This results in Alice and Bob calculating two different keys, both of which can be calculated by Eve.
- this modified protocol is insecure because while Alice executed the protocol faithfully and accepted Bob's identity, the exchanged key is shared with a different party, Eve. There is a similar problem from Bob's point of view.
- certificates may be used.
- a certificate should contain the user's name and the signature of the trusted authority over these data items. The reason for the inclusion of the ( ⁇ , p) pair in the certificate is explained below.
- the STS protocol is then as follows. To avoid cluttering the formulae the mod p reductions have been omitted.
- Alice sends her Diffie-Hellman parameters along in the first message; Bob uses these instead of fixed network-wide parameters.
- Bob verifies that the Diffie-Hellman parameters sent in the first message agree with those actually in Alice's certificate.
- Bob sends Alice his certificate, from which Alice can extract his authentic public key; Alice verifies authenticity by checking the signature of the trusted authority on Bob's certificate.
- Alice sends Bob her certificate, allowing Bob to extract her authenticated public key, after similarly verifying the trusted authority's signature on her certificate.
- Bob does not need Alice's certificate until the third message, and in fact may not wish to receive it earlier, since this may require having to allocate storage to save the certificate until needed upon receipt of the third message.
- a further reason for Alice to delay sending her certificate until the third message is to allow both Alice and Bob the option to encrypt their certificates with the exchanged key.
- certificates are, in theory, public information, it may be desirable in some applications to prevent an eavesdropper from seeing them in order to prevent a passive eavesdropper from learning Alice and Bob's identities.
- Eve knows the exchanged key and after authentication, she is free to both eavesdrop and inject her own messages. Note that Alice and Bob accepted each other's identities, but their records of the run do not match, and the exchanged key is known to a third party; the modified protocol is thus insecure by our definitions, as well as intuitively.
- Kerberos protocol The popular Kerberos protocol 18!, based on symmetric cryptosystems, has several features which make it somewhat undesirable in various applications. These include the use of timestamps (discussed earlier), the requirement of an on-line authentication server, and redundancies in the protocol itself. These and further issues are discussed by Bellovin and Merritt 3!.
- the CCITT X.509 recommendation 30! is a very widely known internationally standardized authentication protocol based on public-key cryptography.
- the one and two-pass X.509 protocols require timestamps, while timestamps are redundant in the three-pass protocol; the specification allows that the timestamp field may be zero in this latter case (making the three-pass protocol practical, although it would be preferable if no field at all had to be allocated for timestamps).
- Some concerns regarding the protocol are now summarized.
- the final message of this protocol is Alice's signature on both Bob's challenge and Bob's identity: s A ⁇ R B , Bob ⁇ . 2 This allows Bob to obtain the signature of Alice on a quantity over which Bob has control.
- a second concern involves the suggested use of the optional encrypted data field in the protocol to accomplish key exchange; this use does not guarantee perfect forward secrecy. 3 A further issue with the use of this field is that there is no guarantee that the sender of the encrypted data actually knows the encrypted data itself, and in fact an adversary can pass off another party's encrypted data as his own 7!, 13!.
- a third concern 17! is the restriction that the signature system used must be capable of both signing and encrypting data, which rules out many candidate signature schemes including the proposed NIST Digital Signature Algorithm 10!.
- the authentication-only version of the STS protocol is essentially the same as the three-way protocol currently proposed by ISO 1!.
- the differences are that the ISO protocol allows redundant copies of the random numbers, optional fields for the identity of the intended recipient of a message, and optional fields for arbitrary text. Due to limitations of authentication-only protocols as discussed earlier, in most applications it is expected that the key establishment functionality of the ISO protocol (provided by the optional text fields both within and outside the signed portion of each message) will be employed. Recalling the concern noted above in X.509, care must be taken in the use of these fields; furthermore, note that their use to transfer encrypted session keys does not guarantee perfect forward secrecy.
- Eve call Bob pretending to be Alice, sending a challenge to Bob; Eve responds to Bob's counter-challenge by calling Alice and getting her to respond correctly to the challenge; Eve then drops the call with Alice and passes the correct response along to Bob, thus completing the authentication from Bob's point of view.
- the attack is successful even if the identity of the intended recipient of each message is incorporated within the signed portion of each authentication token, as is optionally permissible in the formal definition of the related ISO protocol. To emphasize this, these principals' identities are included, and annotated with asterisks, in the attack detailed below. For simplicity, certificates are not shown.
- Authentication and key exchange must be linked. If authentication and key exchange are independent, then an attacker could allow two parties to carry out authentication unhindered, and could take over one party's role in key exchange. This would allow the attacker to impersonate a valid party after authentication and key exchange are completed.
- Asymmetry in a protocol is desirable. Symmetries in a protocol should be used with caution, due to both the possibility of reflection attacks, and attacks in which responses from one party can be reused within a protocol. As an obvious illustrative example, the authentication responses of each of two parties should not be identical.
- Messages within a particular protocol run should be logically linked or chained in some manner, to prevent the reuse of previous messages or the introduction of messages from a parallel run.
- the objective here is to preclude replay attacks and interleaving attacks.
- Messages should also be linked to the current time frame (e.g., through incorporation of recently generated random numbers).
- the specific attack detailed in Section 6 is possible due to a lack of such chaining of messages; similarly, the middleperson attack discussed by Gengio et al. 4! is possible in protocols which fail to address this principle.
- a party carrying out a cryptographic operation should be able to incorporate into the data being operated on a reasonable amount of data which he himself randomly selects.
- a protocol should not require a party to carry out a cryptographic operation on inputs which may be entirely under the control of an adversary.
- This "add your own salt” principle is aimed at preventing an adversary from obtaining responses to specific questions he himself may not be able to answer. This should also prevent so-called chosen-ciphertext attacks ( 6, p. 27!).
- chosen-ciphertext attacks 6, p. 27!
- Valid signatures should result from the transformation of a message from a message space that is a sparse subset of the domain of the signature function. For example, requiring redundancy, or some other expectation, in the data to be signed, may thwart attacks whereby an adversary attempts to forge new signatures by combining previously obtained valid signatures.
- the hash function selected to hash the exponentials should produce a result smaller than the maximum size of input allowed to the signature process, to allow redundancy to be added to the hash result before signing.
- the proposed station-to-station protocol satisfies the above principles, as well as the desirable properties noted in Section 4 (perfect forward secrecy, direct authentication, no requirement of timestamps). Its compatibility with the emerging ISO authentication protocol, and its ability to provide key establishment within this framwork, add to its appeal. Furthermore, the station-to-station protocol uses the minimum number of messages required for a random-number-based challenge-response mutual authentication (three), and requires only one signature generation, one signature verification, and two encryption operations by each party (with an additional signature verification if certificates are used on a per-run basis to bind a user's identity and public key).
- E K Any appropriate signature scheme may be used in the STS protocol, including the Digital Signature Algorithm (DSA) recently proposed by NIST 10!. For reasons of practical efficiency, an obvious candidate signature scheme is RSA 26!. Similarly, any appropriate symmetric encryption algorithm may be used. In some applications it may be desirable to avoid the use of an encryption algorithm.
- MAC message authentication code
- the receiving party would then verify both the signature and the MAC over the signature. While allowing one to avoid the requirement of an encrypt/decrypt capability (which e.g., both Kerberos and the X.509 protocols require), a disadvantage of this approach is the additional data transfer it entails.
- Entity Authentication Mechanisms--Part 3 Entity Authentication Using a Public-Key Algorithm (CD 9798-3), November 1991 (ISO/IEC JTCI/SC27 Committee Draft #4).
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Priority Applications (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US08/258,244 US5724425A (en) | 1994-06-10 | 1994-06-10 | Method and apparatus for enhancing software security and distributing software |
| EP95303720A EP0686906B1 (de) | 1994-06-10 | 1995-05-31 | Verfahren und Vorrichtung zur Verbesserung der Softwaresicherheit und zur Software-Verteilung |
| DE69534212T DE69534212T8 (de) | 1994-06-10 | 1995-05-31 | Verfahren und Vorrichtung zur Verbesserung der Softwaresicherheit und zur Software-Verteilung |
| JP7144507A JPH08166879A (ja) | 1994-06-10 | 1995-06-12 | 提供用ソフトウェアの安全性強化方法及び装置 |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US08/258,244 US5724425A (en) | 1994-06-10 | 1994-06-10 | Method and apparatus for enhancing software security and distributing software |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| US5724425A true US5724425A (en) | 1998-03-03 |
Family
ID=22979711
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US08/258,244 Expired - Lifetime US5724425A (en) | 1994-06-10 | 1994-06-10 | Method and apparatus for enhancing software security and distributing software |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US5724425A (de) |
| EP (1) | EP0686906B1 (de) |
| JP (1) | JPH08166879A (de) |
| DE (1) | DE69534212T8 (de) |
Cited By (308)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1998034365A1 (en) * | 1997-02-05 | 1998-08-06 | At & T Corp. | System and method for providing software property assurance to a host |
| JPH1124919A (ja) * | 1997-06-20 | 1999-01-29 | Internatl Business Mach Corp <Ibm> | 安全な記憶領域でアプリケーション・データを保護する方法及び装置 |
| US5870469A (en) * | 1995-03-23 | 1999-02-09 | Giesecke & Devrient Gmbh | Method for testing the intactness of stored data in a processing facility for sheet material such as bank notes or papers of value |
| US5878417A (en) * | 1996-11-20 | 1999-03-02 | International Business Machines Corporation | Method and apparatus for network security in browser based interfaces |
| US5899983A (en) * | 1995-09-26 | 1999-05-04 | Siemens Aktiengesellschaft | Method for using electronic information services with guarantee of the anonymity of users in relation to the operators of such services |
| WO1999035583A2 (en) * | 1997-12-22 | 1999-07-15 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
| US5933504A (en) * | 1995-05-18 | 1999-08-03 | Certicom Corp. | Strengthened public key protocol |
| US5935246A (en) * | 1996-04-26 | 1999-08-10 | International Computers Limited | Electronic copy protection mechanism using challenge and response to prevent unauthorized execution of software |
| US5943423A (en) * | 1995-12-15 | 1999-08-24 | Entegrity Solutions Corporation | Smart token system for secure electronic transactions and identification |
| US5946396A (en) * | 1996-10-25 | 1999-08-31 | Intel Corporation | System and method for ensuring integrity of audio |
| US5946397A (en) * | 1995-10-03 | 1999-08-31 | Gemplus S.C.A. | Method of cryptography with public key based on the discrete logarithm |
| US5949877A (en) * | 1997-01-30 | 1999-09-07 | Intel Corporation | Content protection for transmission systems |
| US5950195A (en) * | 1996-09-18 | 1999-09-07 | Secure Computing Corporation | Generalized security policy management system and method |
| US5958073A (en) * | 1997-05-30 | 1999-09-28 | Motorola, Inc. | Reliability enhanced processing system and method for optimizing |
| US5968136A (en) * | 1997-06-05 | 1999-10-19 | Sun Microsystems, Inc. | Apparatus and method for secure device addressing |
| US5999921A (en) * | 1997-04-30 | 1999-12-07 | Pitney Bowes Inc. | Electronic postage meter system having plural clock system providing enhanced security |
| US6052469A (en) * | 1996-07-29 | 2000-04-18 | International Business Machines Corporation | Interoperable cryptographic key recovery system with verification by comparison |
| US6067575A (en) * | 1995-12-08 | 2000-05-23 | Sun Microsystems, Inc. | System and method for generating trusted, architecture specific, compiled versions of architecture neutral programs |
| US6092194A (en) * | 1996-11-08 | 2000-07-18 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
| US6108425A (en) * | 1997-06-30 | 2000-08-22 | International Business Machines Corporation | Method and apparatus for controlling the configuration of a cryptographic processor |
| US6108420A (en) * | 1997-04-10 | 2000-08-22 | Channelware Inc. | Method and system for networked installation of uniquely customized, authenticable, and traceable software application |
| US6122372A (en) * | 1997-06-04 | 2000-09-19 | Signet Assurance Company Llc | System and method for encapsulating transaction messages with verifiable data generated identifiers |
| US6138119A (en) | 1997-02-25 | 2000-10-24 | Intertrust Technologies Corp. | Techniques for defining, using and manipulating rights management data structures |
| US6148404A (en) * | 1997-05-28 | 2000-11-14 | Nihon Unisys, Ltd. | Authentication system using authentication information valid one-time |
| US6151648A (en) * | 1998-03-16 | 2000-11-21 | Jazio, Inc. | High speed bus system and method for using voltage and timing oscillating references for signal detection |
| US6169803B1 (en) * | 1997-01-24 | 2001-01-02 | Nec Corporation | Encryption key processing system to be incorporated into data recovery system or key setting system for generating encryption key |
| US6181803B1 (en) | 1996-09-30 | 2001-01-30 | Intel Corporation | Apparatus and method for securely processing biometric information to control access to a node |
| US6183366B1 (en) | 1996-01-19 | 2001-02-06 | Sheldon Goldberg | Network gaming system |
| US6189146B1 (en) * | 1998-03-18 | 2001-02-13 | Microsoft Corporation | System and method for software licensing |
| US6199113B1 (en) * | 1998-04-15 | 2001-03-06 | Sun Microsystems, Inc. | Apparatus and method for providing trusted network security |
| US6219423B1 (en) | 1995-12-29 | 2001-04-17 | Intel Corporation | System and method for digitally signing a digital agreement between remotely located nodes |
| US6226383B1 (en) * | 1996-04-17 | 2001-05-01 | Integrity Sciences, Inc. | Cryptographic methods for remote authentication |
| US6233567B1 (en) * | 1997-08-29 | 2001-05-15 | Intel Corporation | Method and apparatus for software licensing electronically distributed programs |
| US6253322B1 (en) * | 1997-05-21 | 2001-06-26 | Hitachi, Ltd. | Electronic certification authentication method and system |
| US6256393B1 (en) * | 1998-06-23 | 2001-07-03 | General Instrument Corporation | Authorization and access control of software object residing in set-top terminals |
| US6263442B1 (en) * | 1996-05-30 | 2001-07-17 | Sun Microsystems, Inc. | System and method for securing a program's execution in a network environment |
| US6264560B1 (en) | 1996-01-19 | 2001-07-24 | Sheldon F. Goldberg | Method and system for playing games on a network |
| US6272469B1 (en) | 1998-11-25 | 2001-08-07 | Ge Medical Systems Global Technology Company, Llc | Imaging system protocol handling method and apparatus |
| US20010016838A1 (en) * | 1995-02-08 | 2001-08-23 | Peter Landrock | Electronic negotiable documents |
| US20010020256A1 (en) * | 2000-03-03 | 2001-09-06 | Akiyuki Hatakeyama | Information processing device and record medium |
| US6292897B1 (en) * | 1997-11-03 | 2001-09-18 | International Business Machines Corporation | Undeniable certificates for digital signature verification |
| US6298153B1 (en) * | 1998-01-16 | 2001-10-02 | Canon Kabushiki Kaisha | Digital signature method and information communication system and apparatus using such method |
| US6308270B1 (en) | 1998-02-13 | 2001-10-23 | Schlumberger Technologies, Inc. | Validating and certifying execution of a software program with a smart card |
| WO2001080528A2 (en) * | 2000-04-14 | 2001-10-25 | Next Level Communications | Method and apparatus for test and verification of field and terminal equipment |
| US6311277B1 (en) * | 1996-03-22 | 2001-10-30 | Hitachi, Ltd. | Method and device for managing computer network |
| US6317878B1 (en) * | 1996-05-22 | 2001-11-13 | Fujitsu Limited | Information processing system and recording media |
| US20010042043A1 (en) * | 1995-02-13 | 2001-11-15 | Intertrust Technologies Corp. | Cryptographic methods, apparatus and systems for storage media electronic rights management in closed and connected appliances |
| US20010044820A1 (en) * | 2000-04-06 | 2001-11-22 | Scott Adam Marc | Method and system for website content integrity assurance |
| US6324525B1 (en) | 1996-06-17 | 2001-11-27 | Hewlett-Packard Company | Settlement of aggregated electronic transactions over a network |
| US6332195B1 (en) | 1996-02-09 | 2001-12-18 | Secure Computing Corporation | Secure server utilizing separate protocol stacks |
| US6334118B1 (en) * | 1997-07-31 | 2001-12-25 | Siemens Aktiengesellschaft | Software rental system and method for renting software |
| US20020002540A1 (en) * | 2000-06-30 | 2002-01-03 | Microsoft Corporation | Method for authenticating and securing integrated bookstore entries |
| US20020023214A1 (en) * | 1996-08-12 | 2002-02-21 | Intertrust Technologies Corp. | Systems and methods using cryptography to protect secure computing environments |
| US20020025043A1 (en) * | 2000-04-13 | 2002-02-28 | Bao Feng | Private retrieval of digital objects |
| WO2002033884A2 (en) * | 2000-10-17 | 2002-04-25 | Sun Microsystems, Inc. | Method and apparatus for providing a key distribution center |
| US6381698B1 (en) | 1997-05-21 | 2002-04-30 | At&T Corp | System and method for providing assurance to a host that a piece of software possesses a particular property |
| US6385610B1 (en) * | 1998-10-16 | 2002-05-07 | Computer Associates Think, Inc. | Method and apparatus for identifying and visualizing differences in object model diagrams |
| US6408075B1 (en) * | 1998-11-30 | 2002-06-18 | Hitachi, Ltd. | Information processing equipment and IC card |
| US20020095578A1 (en) * | 2000-11-22 | 2002-07-18 | Asahiko Yamada | System, method, and program for ensuring originality |
| US6430606B1 (en) | 1998-03-16 | 2002-08-06 | Jazio, Inc. | High speed signaling for interfacing VLSI CMOS circuits |
| US20020108040A1 (en) * | 2000-11-13 | 2002-08-08 | Eskicioglu Ahmet M. | Threshold cryptography scheme for conditional access systems |
| US20020112162A1 (en) * | 2001-02-13 | 2002-08-15 | Cocotis Thomas Andrew | Authentication and verification of Web page content |
| US6442559B1 (en) * | 1999-06-22 | 2002-08-27 | Microsoft Corporation | Dynamic SKU management |
| US6449367B2 (en) | 1996-08-12 | 2002-09-10 | Intertrust Technologies Corp. | Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels |
| US20020129270A1 (en) * | 1999-10-18 | 2002-09-12 | Siemens Ag | Electronic device for providing software protection |
| US20020144121A1 (en) * | 2001-03-30 | 2002-10-03 | Ellison Carl M. | Checking file integrity using signature generated in isolated execution |
| US20020152173A1 (en) * | 2001-04-05 | 2002-10-17 | Rudd James M. | System and methods for managing the distribution of electronic content |
| US20020157091A1 (en) * | 2001-04-20 | 2002-10-24 | Microsoft Corporation | Server controlled branding of client software deployed over computer networks |
| US20020183056A1 (en) * | 2001-05-31 | 2002-12-05 | Laurence Lundblade | Safe application distribution and execution in a wireless environment |
| US20020194010A1 (en) * | 2001-06-15 | 2002-12-19 | Bergler Peter M. | System and related methods for managing and enforcing software licenses |
| US20020191785A1 (en) * | 2001-06-14 | 2002-12-19 | International Business Machines Corporation | Apparatus and method for encrypting and decrypting data with incremental data validation |
| US20030005286A1 (en) * | 2001-06-29 | 2003-01-02 | Mcgarvey John R. | Methods, systems and computer program products for authentication between clients and servers using differing authentication protocols |
| US20030005327A1 (en) * | 2001-06-29 | 2003-01-02 | Julian Durand | System for protecting copyrighted materials |
| US20030046244A1 (en) * | 1997-11-06 | 2003-03-06 | Intertrust Technologies Corp. | Methods for matching, selecting, and/or classifying based on rights management and/or other information |
| WO2003019459A2 (en) * | 2001-08-24 | 2003-03-06 | Zih Corp. | Method and apparatus for article authentication |
| US20030058477A1 (en) * | 2001-09-25 | 2003-03-27 | Brunk Hugh L. | Embedding digital watermarks in spot colors |
| US20030063139A1 (en) * | 2001-10-01 | 2003-04-03 | Hohberger Clive P. | Method and apparatus for associating on demand certain selected media and value-adding elements |
| US6557105B1 (en) * | 1999-04-14 | 2003-04-29 | Tut Systems, Inc. | Apparatus and method for cryptographic-based license management |
| US6578145B1 (en) * | 1999-06-29 | 2003-06-10 | Gilbarco Inc. | Methods and systems for securely communicating personal identification number information between a security module and a plurality of secure keypad devices |
| US20030110387A1 (en) * | 2001-12-06 | 2003-06-12 | Cowie Neil Andrew | Initiating execution of a computer program from an encrypted version of a computer program |
| US20030120923A1 (en) * | 2001-12-21 | 2003-06-26 | Avaya Technology Corp. | Secure data authentication apparatus |
| US20030123665A1 (en) * | 2001-12-28 | 2003-07-03 | Dunstan Robert A. | Secure delivery of encrypted digital content |
| US20030159045A1 (en) * | 2002-02-18 | 2003-08-21 | Fujitsu Limited | Original creating apparatus and originality guaranteeing apparatus |
| US20030163431A1 (en) * | 1996-08-30 | 2003-08-28 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
| US20030163427A1 (en) * | 2002-02-27 | 2003-08-28 | Nicholas Ho Chung Fung | Activity management method |
| US20030177051A1 (en) * | 2003-03-13 | 2003-09-18 | Robin Driscoll | Method and system for managing worker resources |
| US20030194094A1 (en) * | 1998-10-26 | 2003-10-16 | Lampson Butler W. | System and method for secure storage data using a key |
| US20030196111A1 (en) * | 1998-10-26 | 2003-10-16 | Lampson Butler W. | Attesting to a value of a register and/or memory region |
| US20030200440A1 (en) * | 2002-04-17 | 2003-10-23 | Paul England | Saving and retrieving data based on symmetric key encryption |
| US6647495B1 (en) * | 1997-04-30 | 2003-11-11 | Sony Corporation | Information processing apparatus and method and recording medium |
| US20030220882A1 (en) * | 2002-05-02 | 2003-11-27 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
| US6658568B1 (en) | 1995-02-13 | 2003-12-02 | Intertrust Technologies Corporation | Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management |
| US6658567B1 (en) | 1999-06-25 | 2003-12-02 | Geomechanics International, Inc. | Method and logic for locking geological data and an analyzer program that analyzes the geological data |
| US20030233552A1 (en) * | 2001-06-04 | 2003-12-18 | Adrian Baldwin | Packaging evidence for long term validation |
| US6668325B1 (en) | 1997-06-09 | 2003-12-23 | Intertrust Technologies | Obfuscation techniques for enhancing software security |
| US20040003254A1 (en) * | 2002-07-01 | 2004-01-01 | Masayuki Numao | Network system, server and information terminal for list matching |
| US20040002384A1 (en) * | 2002-06-28 | 2004-01-01 | Multerer Boyd C. | Discovery and distribution of game session information |
| US6675298B1 (en) * | 1999-08-18 | 2004-01-06 | Sun Microsystems, Inc. | Execution of instructions using op code lengths longer than standard op code lengths to encode data |
| US20040005059A1 (en) * | 2001-11-05 | 2004-01-08 | Yoshihiko Suzuki | Correspondence education system and correspondence education method |
| US6678665B1 (en) * | 1997-05-28 | 2004-01-13 | Fujitsu Siemens Computer | Computer system for protecting software and a method for protecting software |
| US6684389B1 (en) * | 1999-08-05 | 2004-01-27 | Canon Kabushiki Kaisha | Compiler that decrypts encrypted source code |
| US6687825B1 (en) | 2000-03-17 | 2004-02-03 | International Business Machines Corporation | Data processing system and method for protecting data in a hard drive utilizing a signature device |
| US6700995B2 (en) * | 2000-04-19 | 2004-03-02 | Digimarc Corporation | Applying digital watermarks using dot gain correction |
| US20040048671A1 (en) * | 2000-10-19 | 2004-03-11 | Igt | Gaming terminal data repository and information distribution system |
| US20040059922A1 (en) * | 2002-09-20 | 2004-03-25 | Harris Rodney C. | Continuous voice recognition for user authentication by a digital transmitting device |
| US6725378B1 (en) | 1998-04-15 | 2004-04-20 | Purdue Research Foundation | Network protection for denial of service attacks |
| US20040109187A1 (en) * | 2002-08-30 | 2004-06-10 | Hiroyuki Matsushima | Image processing apparatus, image processing method and program |
| US20040123116A1 (en) * | 2002-12-19 | 2004-06-24 | Hongxia Jin | System and Method to Proactively Detect Software Tampering |
| US6757831B1 (en) * | 1999-08-18 | 2004-06-29 | Sun Microsystems, Inc. | Logic block used to check instruction buffer configuration |
| US20040133803A1 (en) * | 1999-05-05 | 2004-07-08 | Rabin Michael O. | Methods and apparatus for protecting information |
| US6763467B1 (en) | 1999-02-03 | 2004-07-13 | Cybersoft, Inc. | Network traffic intercepting method and system |
| US20040139097A1 (en) * | 1995-04-11 | 2004-07-15 | Kinetech, Inc. | Identifying data in a data processing system |
| US6766305B1 (en) * | 1999-03-12 | 2004-07-20 | Curl Corporation | Licensing system and method for freely distributed information |
| US20040158533A1 (en) * | 2003-02-06 | 2004-08-12 | Steve Messick | Simultaneous network news distribution |
| US20040180721A1 (en) * | 2000-12-21 | 2004-09-16 | Igt | Gaming terminal data repository and information distribution system |
| US6820200B2 (en) | 1997-04-30 | 2004-11-16 | Sony Corporation | Information processing apparatus and method and recording medium |
| US20040235563A1 (en) * | 2003-02-26 | 2004-11-25 | Blackburn Christopher W. | Game update service in a service-oriented gaming network environment |
| US20040242328A1 (en) * | 2003-03-05 | 2004-12-02 | Blackburn Christopher W. | Boot service in a service-oriented gaming network environment |
| US20040243849A1 (en) * | 2003-03-06 | 2004-12-02 | Blackburn Christopher W. | Authorization service in a service-oriented gaming network environment |
| US20040243848A1 (en) * | 2003-03-06 | 2004-12-02 | Blackburn Christopher W. | Authentication service in a service-oriented gaming network environment |
| US20040242331A1 (en) * | 2003-03-17 | 2004-12-02 | Blackburn Christopher W. | Time service in a service-oriented gaming network environment |
| US20040242329A1 (en) * | 2003-03-05 | 2004-12-02 | Blackburn Christopher W. | Discovery service in a service-oriented gaming network environment |
| US20040255115A1 (en) * | 2000-06-27 | 2004-12-16 | Microsoft Corporation | Method and system for binding enhanced software features to a persona |
| US20040260947A1 (en) * | 2002-10-21 | 2004-12-23 | Brady Gerard Anthony | Methods and systems for analyzing security events |
| US20040257223A1 (en) * | 2003-06-17 | 2004-12-23 | Intelagents, Inc | System and method for monitoring a security of an asset |
| US20040259633A1 (en) * | 2003-04-16 | 2004-12-23 | Gentles Thomas A. | Remote authentication of gaming software in a gaming system environment |
| US20040259640A1 (en) * | 2003-04-16 | 2004-12-23 | Gentles Thomas A. | Layered security methods and apparatus in a gaming system environment |
| WO2004114242A1 (en) * | 2003-06-17 | 2004-12-29 | Intelagents, Inc. | System and method for monitoring and detecting a security threat |
| US20040266532A1 (en) * | 2003-03-27 | 2004-12-30 | Blackburn Christopher W. | Event management service in a service-oriented gaming network environment |
| US20040266523A1 (en) * | 2003-04-16 | 2004-12-30 | Gentles Thomas A | Secured networks in a gaming system environment |
| US20040266533A1 (en) * | 2003-04-16 | 2004-12-30 | Gentles Thomas A | Gaming software distribution network in a gaming system environment |
| US20050002533A1 (en) * | 2003-07-01 | 2005-01-06 | Langin-Hooper Jerry Joe | Fully secure message transmission over non-secure channels without cryptographic key exchange |
| US20050005107A1 (en) * | 1997-11-06 | 2005-01-06 | Shlomo Touboul | Method and system for caching at secure gateways |
| US20050021477A1 (en) * | 1997-01-29 | 2005-01-27 | Ganapathy Krishnan | Method and system for securely incorporating electronic information into an online purchasing application |
| US6850161B1 (en) * | 2000-10-23 | 2005-02-01 | Verizon Corporate Services Group Inc. | Systems and methods for identifying and mapping conduit location |
| US20050033663A1 (en) * | 2000-06-30 | 2005-02-10 | Microsoft Corporation | Architecture for an electronic shopping service integratable with a software application |
| US20050038751A1 (en) * | 2003-08-15 | 2005-02-17 | Gaetano Arthur Louis | System and method for software site licensing |
| US20050038752A1 (en) * | 2003-08-15 | 2005-02-17 | Gaetano Arthur Louis | System and method for software site licensing |
| US20050060266A1 (en) * | 2000-06-27 | 2005-03-17 | Microsoft Corporation | Method and system for limiting the use of user-specific software features |
| US20050060549A1 (en) * | 1998-10-26 | 2005-03-17 | Microsoft Corporation | Controlling access to content based on certificates and access predicates |
| US20050071656A1 (en) * | 2003-09-25 | 2005-03-31 | Klein Dean A. | Secure processor-based system and method |
| US20050091216A1 (en) * | 2003-10-23 | 2005-04-28 | Curl Corporation | URL system and method for licensing content |
| US20050097317A1 (en) * | 2000-01-12 | 2005-05-05 | Jonathan Trostle | Directory enabled secure multicast group communications |
| US20050097056A1 (en) * | 2000-06-27 | 2005-05-05 | Microsoft Corporation | System and method for activating a rendering device in a multi-level rights-management architecture |
| US20050102240A1 (en) * | 1998-03-18 | 2005-05-12 | Microsoft Corporation | System and method for software licensing |
| US6895501B1 (en) | 2000-03-13 | 2005-05-17 | Wrq, Inc. | Method and apparatus for distributing, interpreting, and storing heterogeneous certificates in a homogenous public key infrastructure |
| US20050108554A1 (en) * | 1997-11-06 | 2005-05-19 | Moshe Rubin | Method and system for adaptive rule-based content scanners |
| US20050108556A1 (en) * | 1999-12-17 | 2005-05-19 | Microsoft Corporation | System and method for accessing protected content in a rights-management architecture |
| US20050108548A1 (en) * | 2003-11-14 | 2005-05-19 | Yusuke Ohta | System and method for verifying validity of a product |
| US6901510B1 (en) | 1999-12-22 | 2005-05-31 | Cisco Technology, Inc. | Method and apparatus for distributing and updating group controllers over a wide area network using a tree structure |
| US20050125658A1 (en) * | 2001-10-23 | 2005-06-09 | Yoshihiro Tsukamoto | Information processing apparatus |
| US20050160401A1 (en) * | 1999-10-16 | 2005-07-21 | Computer Associates Think, Inc. | System and method for adding user-defined objects to a modeling tool |
| US20050182930A1 (en) * | 2004-02-18 | 2005-08-18 | Alcatel | Method and a device for transforming an operating system to protect a computer program against attack |
| US20050182956A1 (en) * | 1995-02-13 | 2005-08-18 | Intertrust Technologies Corporation | Trusted and secure techniques, systems and methods for item delivery and execution |
| US20050180572A1 (en) * | 2004-02-18 | 2005-08-18 | Graunke Gary L. | Apparatus and method for distributing private keys to an entity with minimal secret, unique information |
| US20050192907A1 (en) * | 1999-03-27 | 2005-09-01 | Microsoft Corporation | Method for interdependently validating a digital content package and a corresponding digital license |
| US6941457B1 (en) | 2000-06-30 | 2005-09-06 | Cisco Technology, Inc. | Establishing a new shared secret key over a broadcast channel for a multicast group based on an old shared secret key |
| US6944765B1 (en) * | 1999-12-21 | 2005-09-13 | Qualcomm, Inc. | Method of authentication anonymous users while reducing potential for “middleman” fraud |
| US20050216760A1 (en) * | 2000-11-03 | 2005-09-29 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
| US20050228989A1 (en) * | 2004-04-01 | 2005-10-13 | Shieldip, Inc. | Detection and identification methods for software |
| US20050227768A1 (en) * | 2003-05-27 | 2005-10-13 | Blackburn Christopher W | Gaming network environment having a language translation service |
| US20050240999A1 (en) * | 1997-11-06 | 2005-10-27 | Moshe Rubin | Method and system for adaptive rule-based content scanners for desktop computers |
| US20050246530A1 (en) * | 2004-03-31 | 2005-11-03 | Canon Kabushiki Kaisha | Confirmation method of software and apparatus for executing software |
| US20050251482A1 (en) * | 1994-11-23 | 2005-11-10 | Content Guard Holdings, Inc. | Digital work structure |
| US6965968B1 (en) | 2003-02-27 | 2005-11-15 | Finjan Software Ltd. | Policy-based caching |
| US6970849B1 (en) | 1999-12-17 | 2005-11-29 | Microsoft Corporation | Inter-server communication using request with encrypted parameter |
| US6971023B1 (en) * | 2000-10-03 | 2005-11-29 | Mcafee, Inc. | Authorizing an additional computer program module for use with a core computer program |
| US20050282638A1 (en) * | 2000-11-04 | 2005-12-22 | Igt | Dynamic player notices for operational changes in gaming machines |
| US6981262B1 (en) | 2000-06-27 | 2005-12-27 | Microsoft Corporation | System and method for client interaction in a multi-level rights-management architecture |
| US6987855B1 (en) * | 1999-09-10 | 2006-01-17 | Cisco Technology, Inc. | Operational optimization of a shared secret Diffie-Hellman key exchange among broadcast or multicast groups |
| US20060013400A1 (en) * | 2004-07-14 | 2006-01-19 | Sutton James A Ii | Method of delivering direct proof private keys in signed groups to devices using a distribution CD |
| US20060026677A1 (en) * | 2000-03-30 | 2006-02-02 | Edery Yigal M | Malicious mobile code runtime monitoring system and methods |
| US20060053158A1 (en) * | 1997-02-25 | 2006-03-09 | Intertrust Technologies Corp. | Techniques for defining, using and manipulating rights management data structures |
| US7013389B1 (en) | 1999-09-29 | 2006-03-14 | Cisco Technology, Inc. | Method and apparatus for creating a secure communication channel among multiple event service nodes |
| US7024554B1 (en) * | 2000-09-29 | 2006-04-04 | Mindspeed Technologies, Inc. | Systems and methods that authorize target devices utilizing proprietary software and/or hardware |
| US7039713B1 (en) * | 1999-11-09 | 2006-05-02 | Microsoft Corporation | System and method of user authentication for network communication through a policy agent |
| US20060095774A1 (en) * | 2004-11-04 | 2006-05-04 | Butterfield Bruce D | Message file editing process |
| US7047411B1 (en) | 1999-12-17 | 2006-05-16 | Microsoft Corporation | Server for an electronic distribution system and method of operating same |
| US20060107058A1 (en) * | 2001-06-19 | 2006-05-18 | International Business Machines Corporation | Method and apparatus for uniquely and authoritatively identifying tangible objects |
| US20060106722A1 (en) * | 1994-11-23 | 2006-05-18 | Contentguard Holdings, Inc. | Usage rights grammar and digital works having usage rights created with the grammar |
| US7051200B1 (en) | 2000-06-27 | 2006-05-23 | Microsoft Corporation | System and method for interfacing a software process to secure repositories |
| US7055175B1 (en) * | 2000-01-06 | 2006-05-30 | International Business Machines Corporation | Method and system for generating and using a virus free file certificate integrated within a file |
| US20060117314A1 (en) * | 2002-12-11 | 2006-06-01 | Kenji Sato | Software execution control system and software execution control program |
| US20060117181A1 (en) * | 2004-11-30 | 2006-06-01 | Brickell Ernest F | Apparatus and method for establishing a secure session with a device without exposing privacy-sensitive information |
| US20060136747A1 (en) * | 2004-11-15 | 2006-06-22 | Microsoft Corporation | Changing product behavior in accordance with license |
| US20060149968A1 (en) * | 1997-11-06 | 2006-07-06 | Edery Yigal M | Method and system for protecting a computer and a network from hostile downloadables |
| US20060161777A1 (en) * | 2003-07-11 | 2006-07-20 | Koninklijke Philips Electronics N.V. | Watermark embedding and detection |
| US7093119B2 (en) | 2002-07-16 | 2006-08-15 | International Business Machines Corporation | Methods and computer program products for protecting source code of an interpreted programming language |
| US7096497B2 (en) | 2001-03-30 | 2006-08-22 | Intel Corporation | File checking using remote signing authority via a network |
| US7103185B1 (en) | 1999-12-22 | 2006-09-05 | Cisco Technology, Inc. | Method and apparatus for distributing and updating private keys of multicast group managers using directory replication |
| US20060225030A1 (en) * | 1999-10-16 | 2006-10-05 | Deffler Tad A | Method and System for Generating Dynamic Comparison Models |
| US20060236114A1 (en) * | 2005-04-05 | 2006-10-19 | Ntt Docomo, Inc. | Application program verification system, application program verification method and computer program |
| US20060242075A1 (en) * | 1995-02-13 | 2006-10-26 | Intertrust Technologies Corp. | Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing and rights management |
| US20060242406A1 (en) * | 2005-04-22 | 2006-10-26 | Microsoft Corporation | Protected computing environment |
| US20060271915A1 (en) * | 2005-05-24 | 2006-11-30 | Contentguard Holdings, Inc. | Usage rights grammar and digital works having usage rights created with the grammar |
| US20060282899A1 (en) * | 2005-06-08 | 2006-12-14 | Microsoft Corporation | System and method for delivery of a modular operating system |
| US20070011174A1 (en) * | 1998-09-22 | 2007-01-11 | Kazuo Takaragi | Method and a device for managing a computer network |
| US20070011453A1 (en) * | 2005-07-07 | 2007-01-11 | Nokia Corporation | Establishment of a trusted relationship between unknown communication parties |
| US20070016770A1 (en) * | 2005-07-18 | 2007-01-18 | Dell Products L.P. | System and method for managing the initiation of software programs in an information handling system |
| US7171692B1 (en) | 2000-06-27 | 2007-01-30 | Microsoft Corporation | Asynchronous communication within a server arrangement |
| US20070032288A1 (en) * | 2000-10-19 | 2007-02-08 | Igt | Remote configuration of gaming terminals |
| US7181014B1 (en) | 1999-09-10 | 2007-02-20 | Cisco Technology, Inc. | Processing method for key exchange among broadcast or multicast groups that provides a more efficient substitute for Diffie-Hellman key exchange |
| US7181602B1 (en) * | 1999-01-25 | 2007-02-20 | Giesecke & Devrient Gmbh | Method for exchanging at least one secret initial value between a processing station and a chip card |
| US20070056035A1 (en) * | 2005-08-16 | 2007-03-08 | Drew Copley | Methods and systems for detection of forged computer files |
| US20070058802A1 (en) * | 2000-06-22 | 2007-03-15 | Microsoft Corporation | Cryptosystem Based on a Jacobian of a Curve |
| US20070061594A1 (en) * | 1995-02-13 | 2007-03-15 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
| US20070064943A1 (en) * | 1995-02-13 | 2007-03-22 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
| US20070067630A1 (en) * | 2005-09-16 | 2007-03-22 | Dmitry Lenkov | Trusted information exchange based on trust agreements |
| US7197639B1 (en) * | 1999-02-05 | 2007-03-27 | Rsa Security Inc. | Cryptographic countermeasures against connection depletion attacks |
| US20070071238A1 (en) * | 2005-09-29 | 2007-03-29 | Research In Motion Limited | System and method for providing an indication of randomness quality of random number data generated by a random data service |
| US20070083656A1 (en) * | 1994-05-13 | 2007-04-12 | J2 Global Communications, Inc. | Systems and method for storing, delivering, and managing messages |
| US20070083726A1 (en) * | 2003-10-13 | 2007-04-12 | Koninklijke Philips Electronics N.V. | Storage allocation per application |
| US20070088949A1 (en) * | 2002-04-17 | 2007-04-19 | Microsoft Corporation | Saving and Retrieving Data Based on Public Key Encryption |
| US20070094508A1 (en) * | 2005-10-21 | 2007-04-26 | Harris Corporation | Mobile wireless communications device with software installation and verification features and related methods |
| US7215773B1 (en) | 1998-10-14 | 2007-05-08 | Certicom.Corp. | Key validation scheme |
| US20070152854A1 (en) * | 2005-12-29 | 2007-07-05 | Drew Copley | Forgery detection using entropy modeling |
| US20070156602A1 (en) * | 2005-12-07 | 2007-07-05 | Seiko Epson Corporation | Information distribution apparatus, information processing apparatus, printing apparatus, control method of information distribution apparatus, control method of information processing apparatus, and control program |
| US20070160202A1 (en) * | 2006-01-11 | 2007-07-12 | International Business Machines Corporation | Cipher method and system for verifying a decryption of an encrypted user data key |
| US7260716B1 (en) | 1999-09-29 | 2007-08-21 | Cisco Technology, Inc. | Method for overcoming the single point of failure of the central group controller in a binary tree group key exchange approach |
| US20070197298A1 (en) * | 2001-02-02 | 2007-08-23 | Igt | Wide area program distribution and game information communication system |
| US20070220116A1 (en) * | 2006-03-14 | 2007-09-20 | Anthony Rose | Filter for a Distributed Network |
| US20070226789A1 (en) * | 1994-10-12 | 2007-09-27 | Secure Computing Corporation | System and method for providing secure internetwork services via an assured pipeline |
| US20070270212A1 (en) * | 2000-10-19 | 2007-11-22 | Igt | Executing multiple applications and their variations in computing environments |
| US20070294181A1 (en) * | 2006-05-22 | 2007-12-20 | Saurabh Chheda | Flexible digital rights management with secure snippets |
| US7334125B1 (en) | 2001-11-27 | 2008-02-19 | Cisco Technology, Inc. | Facilitating secure communications among multicast nodes in a telecommunications network |
| US20080082446A1 (en) * | 1999-10-01 | 2008-04-03 | Hicks Christian B | Remote Authorization for Unlocking Electronic Data System and Method |
| US20080122624A1 (en) * | 2006-10-30 | 2008-05-29 | Hewlett-Packard Development Company, L.P. | Method and system for generating data transaction id |
| US7386727B1 (en) | 1998-10-24 | 2008-06-10 | Encorus Holdings Limited | Method for digital signing of a message |
| US20080183625A1 (en) * | 2007-01-30 | 2008-07-31 | Microsoft Corporation | Controlling access to technology based upon authorization |
| US20080209556A1 (en) * | 2007-01-19 | 2008-08-28 | International Business Machines Corporation | Method and device for verification of code module in virtual machine |
| US20080215896A1 (en) * | 2003-02-25 | 2008-09-04 | Steve Bourne | Issuing a Publisher Use License Off-Line in a Digital Rights Management (DRM) System |
| US7434046B1 (en) | 1999-09-10 | 2008-10-07 | Cisco Technology, Inc. | Method and apparatus providing secure multicast group communication |
| US20080288786A1 (en) * | 2004-12-20 | 2008-11-20 | Michael Stephen Fiske | System with access keys |
| US7461249B1 (en) * | 1999-08-13 | 2008-12-02 | Hewlett-Packard Development Company, L.P. | Computer platforms and their methods of operation |
| US20090003606A1 (en) * | 2007-06-28 | 2009-01-01 | Samsung Electronics Co., Ltd. | Changing the order of public key cryptographic computations |
| US20090012864A1 (en) * | 2007-07-02 | 2009-01-08 | Goldberg Sheldon F | Compensation model for network services |
| US20090028325A1 (en) * | 2005-08-19 | 2009-01-29 | Nxp B.V. | Circuit arrangement for and method of performing an inversion operation in a cryptographic calculation |
| US20090034730A1 (en) * | 1997-10-28 | 2009-02-05 | Encorus Holdings Limited | Process for digital signing of a message |
| US7493486B1 (en) * | 2000-06-09 | 2009-02-17 | Verizon Laboratories, Inc. | Method and apparatus for supporting cryptographic-related activities in a public key infrastructure |
| US20090087018A1 (en) * | 2003-04-15 | 2009-04-02 | Reed Alastair M | Perceptability model applied to watermark signals |
| US20090119779A1 (en) * | 2007-11-06 | 2009-05-07 | The Mathworks, Inc. | License activation and management |
| US20090132440A1 (en) * | 1996-01-19 | 2009-05-21 | Dennis J. Dupray | Compensation model for network services |
| US7539875B1 (en) | 2000-06-27 | 2009-05-26 | Microsoft Corporation | Secure repository with layers of tamper resistance and system and method for providing same |
| US20090185681A1 (en) * | 2005-08-19 | 2009-07-23 | Nxp B.V. | Circuit arrangement and method for rsa key generation |
| US7567669B2 (en) | 1996-05-17 | 2009-07-28 | Certicom Corp. | Strengthened public key protocol |
| US20090313171A1 (en) * | 2008-06-17 | 2009-12-17 | Microsoft Corporation | Electronic transaction verification |
| US20100004758A1 (en) * | 2006-07-13 | 2010-01-07 | Mitsubishi Electric Corporation | Equipment management system, programmable controller and centralized controller |
| US20100024044A1 (en) * | 1999-03-27 | 2010-01-28 | Microsoft Corporation | Specifying rights in a digital rights license according to events |
| US7685425B1 (en) * | 1999-03-31 | 2010-03-23 | British Telecommunications Public Limited Company | Server computer for guaranteeing files integrity |
| US7698227B1 (en) * | 2005-07-14 | 2010-04-13 | Sun Microsystems, Inc. | System and method for providing traceable acknowledgement of a digital data distribution license |
| US20100115283A1 (en) * | 1999-07-29 | 2010-05-06 | Intertrust Technologies Corp. | Systems and methods for using cryptography to protect secure and insecure computing environments |
| US20100131272A1 (en) * | 2008-11-25 | 2010-05-27 | Institute For Information Industry | Apparatus and method for generating and verifying a voice signature of a message and computer readable medium thereof |
| US20100203960A1 (en) * | 2005-07-20 | 2010-08-12 | Wms Gaming Inc. | Wagering game with encryption and authentication |
| US7844835B2 (en) | 1995-02-13 | 2010-11-30 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
| US20100318804A1 (en) * | 2007-06-12 | 2010-12-16 | Volkovs Nikolajs | Scheme of applying the modified polynomial-based hash function in the digital signature algorithm based on the division algorithm |
| US20100332848A1 (en) * | 2005-09-29 | 2010-12-30 | Research In Motion Limited | System and method for code signing |
| CN101593257B (zh) * | 2008-05-27 | 2011-02-16 | 北京飞天诚信科技有限公司 | 基于.Net虚拟机的软件保护系统和方法 |
| US8014530B2 (en) | 2006-03-22 | 2011-09-06 | Intel Corporation | Method and apparatus for authenticated, recoverable key distribution with no database secrets |
| US20110276805A1 (en) * | 2010-04-19 | 2011-11-10 | Aashin Nagpal | System and Method for Third Party Creation of Applications for Mobile Appliances |
| US8079086B1 (en) | 1997-11-06 | 2011-12-13 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
| CN101938471B (zh) * | 2005-04-22 | 2012-04-04 | 林建华 | 管理公开金钥密码学的公开与秘密金钥对的方法 |
| US8172686B2 (en) | 2006-08-08 | 2012-05-08 | Wms Gaming Inc. | Configurable wagering game manager |
| US8176564B2 (en) | 2004-11-15 | 2012-05-08 | Microsoft Corporation | Special PC mode entered upon detection of undesired state |
| JP2012088765A (ja) * | 2010-10-15 | 2012-05-10 | Hitachi Solutions Ltd | プログラム起動制御方法、プログラム起動制御プログラム、携帯端末、ネットワークシステム |
| CN101436141B (zh) * | 2008-11-21 | 2012-07-18 | 深圳创维数字技术股份有限公司 | 基于数字签名的固件升级、固件封装方法与装置 |
| US8336085B2 (en) | 2004-11-15 | 2012-12-18 | Microsoft Corporation | Tuning product policy using observed evidence of customer behavior |
| US8347078B2 (en) | 2004-10-18 | 2013-01-01 | Microsoft Corporation | Device certificate individualization |
| US8393001B1 (en) | 2002-07-26 | 2013-03-05 | Mcafee, Inc. | Secure signature server system and associated method |
| US20130074168A1 (en) * | 2011-09-15 | 2013-03-21 | Verizon Patent And Licensing Inc. | Streaming video authentication |
| USRE44131E1 (en) | 1995-06-02 | 2013-04-02 | Fujitsu Limited | Storage device having function for coping with computer virus |
| US20130084974A1 (en) * | 2005-05-31 | 2013-04-04 | Stephen Byng | Password Entry System |
| US20130104232A1 (en) * | 2011-10-25 | 2013-04-25 | Raytheon Company | Appliqué providing a secure deployment environment (sde) for a wireless communications device |
| US8438645B2 (en) | 2005-04-27 | 2013-05-07 | Microsoft Corporation | Secure clock with grace periods |
| USRE44220E1 (en) | 1998-06-18 | 2013-05-14 | Zih Corp. | Electronic identification system and method with source authenticity |
| US20130238902A1 (en) * | 2002-06-20 | 2013-09-12 | Krimmeni Technologies, Inc. | Method and system for control of code execution on a general purpose computing device and control of code execution in a recursive security protocol |
| US20140059645A1 (en) * | 1997-03-10 | 2014-02-27 | Sonicwall, Inc. | Query Interface to Policy Server |
| US8725646B2 (en) | 2005-04-15 | 2014-05-13 | Microsoft Corporation | Output protection levels |
| US8732831B2 (en) | 2011-07-14 | 2014-05-20 | AVG Netherlands B.V. | Detection of rogue software applications |
| US8781969B2 (en) | 2005-05-20 | 2014-07-15 | Microsoft Corporation | Extensible media rights |
| US8818897B1 (en) * | 2005-12-15 | 2014-08-26 | Rockstar Consortium Us Lp | System and method for validation and enforcement of application security |
| US8892495B2 (en) | 1991-12-23 | 2014-11-18 | Blanding Hovenweep, Llc | Adaptive pattern recognition based controller apparatus and method and human-interface therefore |
| US9152779B2 (en) | 2011-01-16 | 2015-10-06 | Michael Stephen Fiske | Protecting codes, keys and user credentials with identity and patterns |
| US9219755B2 (en) | 1996-11-08 | 2015-12-22 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
| US9323951B2 (en) | 2013-03-13 | 2016-04-26 | International Business Machines Corporation | Encrypted warranty verification and diagnostic tool |
| US20160134422A1 (en) * | 2012-06-29 | 2016-05-12 | Kip Sign P1 Lp | System and method for identifying software changes |
| US9363481B2 (en) | 2005-04-22 | 2016-06-07 | Microsoft Technology Licensing, Llc | Protected media pipeline |
| US9436804B2 (en) | 2005-04-22 | 2016-09-06 | Microsoft Technology Licensing, Llc | Establishing a unique session key using a hardware functionality scan |
| US9535563B2 (en) | 1999-02-01 | 2017-01-03 | Blanding Hovenweep, Llc | Internet appliance system and method |
| US9575906B2 (en) | 2012-03-20 | 2017-02-21 | Rubicon Labs, Inc. | Method and system for process working set isolation |
| USRE46439E1 (en) | 1997-03-10 | 2017-06-13 | Dropbox, Inc. | Distributed administration of access to information and interface for same |
| US9710617B2 (en) | 2002-06-20 | 2017-07-18 | Rubicon Labs, Inc. | Method and system for a recursive security protocol for digital copyright control |
| US9922175B2 (en) | 2000-09-21 | 2018-03-20 | Blackberry Limited | Controlling access by code |
| TWI643160B (zh) * | 2017-11-16 | 2018-12-01 | 國立臺北科技大學 | 利用權重參數與餘數定義隱寫資料於區塊截斷編碼影像的方法、影像壓縮裝置及電腦可讀取的記錄媒體 |
| US20190102567A1 (en) * | 2017-09-29 | 2019-04-04 | Intel Corporation | Crypto-enforced capabilities for isolation |
| US10262127B2 (en) | 2017-04-05 | 2019-04-16 | General Electric Company | Systems and method for securely sharing and executing data and models |
| KR101979323B1 (ko) * | 2017-12-18 | 2019-05-15 | 주식회사 캐드서브 | 소프트웨어 저작권 인증 관리 방법 |
| US20190236269A1 (en) * | 2018-01-31 | 2019-08-01 | International Business Machines Corporation | Detecting third party software elements |
| US10419217B2 (en) * | 2014-11-06 | 2019-09-17 | Huawei Technologies Co., Ltd. | Security information configuration method, security verification method, and related chip |
| US10574451B2 (en) * | 2017-10-19 | 2020-02-25 | Bank Of America Corporation | Method and apparatus for perfect forward secrecy using deterministic hierarchy |
| USRE47908E1 (en) * | 1991-12-23 | 2020-03-17 | Blanding Hovenweep, Llc | Ergonomic man-machine interface incorporating adaptive pattern recognition based control system |
| USRE48056E1 (en) * | 1991-12-23 | 2020-06-16 | Blanding Hovenweep, Llc | Ergonomic man-machine interface incorporating adaptive pattern recognition based control system |
| US10951404B1 (en) * | 2020-06-09 | 2021-03-16 | Quantropi Inc. | Methods and systems for digital message encoding and signing |
| US11050735B2 (en) * | 2018-08-23 | 2021-06-29 | International Business Machines Corporation | Customizable authentication system |
| US11403685B2 (en) * | 2016-10-17 | 2022-08-02 | Blackberry Limited | Automatic distribution of licenses for a third-party service operating in association with a licensed first-party service |
| USRE49334E1 (en) | 2005-10-04 | 2022-12-13 | Hoffberg Family Trust 2 | Multifactorial optimization system and method |
| US11562073B2 (en) | 2018-11-28 | 2023-01-24 | The Boeing Company | Systems and methods of software load verification |
| WO2023014248A1 (en) | 2021-08-03 | 2023-02-09 | Mohammed Alawi E Geoffrey | Methods and systems for verification method to validate documents |
| US11641347B2 (en) | 2021-03-10 | 2023-05-02 | Quantropi Inc. | Quantum-safe cryptographic methods and systems |
Families Citing this family (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW313642B (en) * | 1996-06-11 | 1997-08-21 | Ibm | A uniform mechanism for using signed content |
| AUPO474997A0 (en) * | 1997-01-23 | 1997-02-20 | Commonwealth Bank Of Australia | Distribution system with authentication |
| WO1999015947A1 (en) * | 1997-09-19 | 1999-04-01 | Hyo Joon Park | Software license control system based on independent software registration server |
| US6567793B1 (en) | 1997-12-22 | 2003-05-20 | Christian Bielefeldt Hicks | Remote authorization for unlocking electronic data system and method |
| BE1012292A3 (nl) * | 1998-03-26 | 2000-09-05 | Int Management Services Afgeko | Werkwijze voor het identificeren van computergegevens, eenheden om deze werkwijze te realiseren, alsmede netwerk dat van deze werkwijze gebruik maakt. |
| DE19820605A1 (de) * | 1998-05-08 | 1999-11-11 | Giesecke & Devrient Gmbh | Verfahren zur sicheren Verteilung von Software |
| US6138235A (en) * | 1998-06-29 | 2000-10-24 | Sun Microsystems, Inc. | Controlling access to services between modular applications |
| US6463535B1 (en) * | 1998-10-05 | 2002-10-08 | Intel Corporation | System and method for verifying the integrity and authorization of software before execution in a local platform |
| JP3779837B2 (ja) * | 1999-02-22 | 2006-05-31 | 松下電器産業株式会社 | コンピュータ及びプログラム記録媒体 |
| FI990461A0 (fi) * | 1999-03-03 | 1999-03-03 | Nokia Mobile Phones Ltd | Menetelmä ohjelmiston lataamiseksi palvelimelta päätelaitteeseen |
| US6389537B1 (en) * | 1999-04-23 | 2002-05-14 | Intel Corporation | Platform and method for assuring integrity of trusted agent communications |
| US6449720B1 (en) * | 1999-05-17 | 2002-09-10 | Wave Systems Corp. | Public cryptographic control unit and system therefor |
| WO2001030041A2 (en) * | 1999-10-20 | 2001-04-26 | Tomko George J | System and method for secure data handling over a network |
| US6948065B2 (en) | 2000-12-27 | 2005-09-20 | Intel Corporation | Platform and method for securely transmitting an authorization secret |
| US20030167407A1 (en) * | 2002-03-01 | 2003-09-04 | Brett Howard | Authenticated file loader |
| US7711957B2 (en) | 2003-09-30 | 2010-05-04 | Siemens Aktiengesellschaft | Granting access to a computer-based object |
| JP4547907B2 (ja) * | 2003-12-22 | 2010-09-22 | 横河電機株式会社 | コントローラ |
| GB0516471D0 (en) * | 2005-08-10 | 2005-09-14 | Symbian Software Ltd | Protected software identifiers for improving security in a computing device |
| EP1879122A1 (de) * | 2006-07-10 | 2008-01-16 | ABB Research Ltd | Verfahren und Vorrichtungen zur Überprüfung der Authentizität eines aufgerufenen Code-Moduls |
| US8332635B2 (en) | 2007-05-29 | 2012-12-11 | International Business Machines Corporation | Updateable secure kernel extensions |
| US8422674B2 (en) | 2007-05-29 | 2013-04-16 | International Business Machines Corporation | Application-specific secret generation |
| US8433927B2 (en) | 2007-05-29 | 2013-04-30 | International Business Machines Corporation | Cryptographically-enabled privileged mode execution |
| US8332636B2 (en) | 2007-10-02 | 2012-12-11 | International Business Machines Corporation | Secure policy differentiation by secure kernel design |
| FR2922702B1 (fr) | 2007-10-17 | 2010-02-26 | Airbus France | Securisation de fichiers informatiques telechargeables sur un aeronef basee sur l'identite d'entites, procede d'authenfication, systeme et aeronef associes |
| JP5052367B2 (ja) * | 2008-02-20 | 2012-10-17 | 株式会社リコー | 画像処理装置、認証パッケージインストール方法、認証パッケージインストールプログラム、及び記録媒体 |
| JP5630261B2 (ja) * | 2010-12-27 | 2014-11-26 | 日本電気株式会社 | コンテンツ管理システム、管理サーバ、コンテンツ管理方法、及びプログラム |
| FR3113963B1 (fr) * | 2020-09-10 | 2023-06-30 | Thales Sa | Chaine de confiance avancee en aeronautique domaine de l'invention |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4558176A (en) * | 1982-09-20 | 1985-12-10 | Arnold Mark G | Computer systems to inhibit unauthorized copying, unauthorized usage, and automated cracking of protected software |
| US4634807A (en) * | 1984-08-23 | 1987-01-06 | National Research Development Corp. | Software protection device |
| US4670857A (en) * | 1981-10-26 | 1987-06-02 | Rackman Michael I | Cartridge-controlled system whose use is limited to authorized cartridges |
| US5343527A (en) * | 1993-10-27 | 1994-08-30 | International Business Machines Corporation | Hybrid encryption method and system for protecting reusable software components |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4868877A (en) * | 1988-02-12 | 1989-09-19 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
-
1994
- 1994-06-10 US US08/258,244 patent/US5724425A/en not_active Expired - Lifetime
-
1995
- 1995-05-31 DE DE69534212T patent/DE69534212T8/de not_active Expired - Fee Related
- 1995-05-31 EP EP95303720A patent/EP0686906B1/de not_active Expired - Lifetime
- 1995-06-12 JP JP7144507A patent/JPH08166879A/ja active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4670857A (en) * | 1981-10-26 | 1987-06-02 | Rackman Michael I | Cartridge-controlled system whose use is limited to authorized cartridges |
| US4558176A (en) * | 1982-09-20 | 1985-12-10 | Arnold Mark G | Computer systems to inhibit unauthorized copying, unauthorized usage, and automated cracking of protected software |
| US4634807A (en) * | 1984-08-23 | 1987-01-06 | National Research Development Corp. | Software protection device |
| US5343527A (en) * | 1993-10-27 | 1994-08-30 | International Business Machines Corporation | Hybrid encryption method and system for protecting reusable software components |
Non-Patent Citations (4)
| Title |
|---|
| Davida et al., "Defending Systems Against Viruses through Cryptographic Authentication", IEEE Symposium, 1989, pp. 312-318. |
| Davida et al., Defending Systems Against Viruses through Cryptographic Authentication , IEEE Symposium, 1989, pp. 312 318. * |
| RSA Data Security, Inc., "RSA Certificate Services", Jul. 15, 1993, pp. 1-41. |
| RSA Data Security, Inc., RSA Certificate Services , Jul. 15, 1993, pp. 1 41. * |
Cited By (610)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8892495B2 (en) | 1991-12-23 | 2014-11-18 | Blanding Hovenweep, Llc | Adaptive pattern recognition based controller apparatus and method and human-interface therefore |
| USRE48056E1 (en) * | 1991-12-23 | 2020-06-16 | Blanding Hovenweep, Llc | Ergonomic man-machine interface incorporating adaptive pattern recognition based control system |
| USRE47908E1 (en) * | 1991-12-23 | 2020-03-17 | Blanding Hovenweep, Llc | Ergonomic man-machine interface incorporating adaptive pattern recognition based control system |
| US20070083656A1 (en) * | 1994-05-13 | 2007-04-12 | J2 Global Communications, Inc. | Systems and method for storing, delivering, and managing messages |
| US7895313B2 (en) | 1994-05-13 | 2011-02-22 | Advanced Messaging Technologies, Inc. | Systems and methods for storing, delivering, and managing messages |
| US7730299B2 (en) | 1994-10-12 | 2010-06-01 | Secure Computing, Llc | System and method for providing secure internetwork services via an assured pipeline |
| US20070226789A1 (en) * | 1994-10-12 | 2007-09-27 | Secure Computing Corporation | System and method for providing secure internetwork services via an assured pipeline |
| US20060106722A1 (en) * | 1994-11-23 | 2006-05-18 | Contentguard Holdings, Inc. | Usage rights grammar and digital works having usage rights created with the grammar |
| US7788182B2 (en) | 1994-11-23 | 2010-08-31 | Contentguard Holdings, Inc. | Method for loaning digital works |
| US9727876B2 (en) | 1994-11-23 | 2017-08-08 | Contentguard Holdings, Inc. | System and method for permitting use of content using transfer rights |
| US20100106659A1 (en) * | 1994-11-23 | 2010-04-29 | Contentguard Holdings, Inc. | System and method for enforcing usage rights associated with digital content |
| US9953328B2 (en) | 1994-11-23 | 2018-04-24 | Contentguard Holdings, Inc. | Method and system for conducting transactions between repositories |
| US8484751B2 (en) | 1994-11-23 | 2013-07-09 | Contentguard Holdings, Inc. | System and method for permitting use of content |
| US20060190404A1 (en) * | 1994-11-23 | 2006-08-24 | Contentguard Holdings, Inc. | System for controlling the distribution and use of digital works |
| US20100106658A1 (en) * | 1994-11-23 | 2010-04-29 | Contentguard Holdings, Inc. | System and method for rendering content associated with a digital work |
| US8170955B2 (en) | 1994-11-23 | 2012-05-01 | Contentguard Holdings, Inc. | System and method for enforcing usage rights associated with digital content |
| US7809644B2 (en) | 1994-11-23 | 2010-10-05 | Contentguard Holdings, Inc. | Digital work structure |
| US7664708B2 (en) | 1994-11-23 | 2010-02-16 | Contentguard Holdings, Inc. | System for controlling the distribution and use of digital works using digital tickets |
| US20130006871A1 (en) * | 1994-11-23 | 2013-01-03 | Contentguard Holdings, Inc. | System and method for participating in transactions between computing devices |
| US20060167801A1 (en) * | 1994-11-23 | 2006-07-27 | Contentguard Holdings, Inc. | Method and apparatus for client customization by executing software parts on plural servers |
| US20060149680A1 (en) * | 1994-11-23 | 2006-07-06 | Contentguard Holdings, Inc. | System for controlling the distribution and use of digital works |
| US8671461B2 (en) | 1994-11-23 | 2014-03-11 | Contentguard Holdings, Inc. | System, apparatus, and media for granting access to and utilizing content |
| US20060129493A1 (en) * | 1994-11-23 | 2006-06-15 | Contentguard Holdings, Inc. | Usage rights grammar and digital works having usage rights created with the grammar |
| US20050251482A1 (en) * | 1994-11-23 | 2005-11-10 | Content Guard Holdings, Inc. | Digital work structure |
| US20060200417A1 (en) * | 1994-11-23 | 2006-09-07 | Xerox Corporation | Method for loaning digital works |
| US20060129492A1 (en) * | 1994-11-23 | 2006-06-15 | Contentguard Holdings, Inc. | Usage rights grammar and digital works having usage rights created with the grammar |
| US9734506B2 (en) | 1994-11-23 | 2017-08-15 | Contentguard Holdings, Inc. | System and method for controlling utilization of content |
| US20130006870A1 (en) * | 1994-11-23 | 2013-01-03 | Contentguard Holdings, Inc. | System and method for participating in transactions between computing devices |
| US20100212027A1 (en) * | 1994-11-23 | 2010-08-19 | Contentguard Holdings, Inc. | System and method for rendering content associated with a digital work |
| US7970709B2 (en) | 1994-11-23 | 2011-06-28 | Contentguard Holdings, Inc. | Method and apparatus for client customization by executing software parts on plural servers |
| US7505945B2 (en) * | 1995-02-08 | 2009-03-17 | Cryptomathic A/S | Electronic negotiable documents |
| US20010016838A1 (en) * | 1995-02-08 | 2001-08-23 | Peter Landrock | Electronic negotiable documents |
| US8185473B2 (en) | 1995-02-13 | 2012-05-22 | Intertrust Technologies Corporation | Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing, and rights management |
| US20040103305A1 (en) * | 1995-02-13 | 2004-05-27 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
| US20050182956A1 (en) * | 1995-02-13 | 2005-08-18 | Intertrust Technologies Corporation | Trusted and secure techniques, systems and methods for item delivery and execution |
| US20060200392A1 (en) * | 1995-02-13 | 2006-09-07 | Intertrust Technologies Corp. | Cryptographic methods, apparatus and systems for storage media electronic rights management in closed and connected appliances |
| US7917749B2 (en) | 1995-02-13 | 2011-03-29 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
| US8543842B2 (en) | 1995-02-13 | 2013-09-24 | Intertrust Technologies Corporation | System and methods for secure transaction management and electronics rights protection |
| US20060242075A1 (en) * | 1995-02-13 | 2006-10-26 | Intertrust Technologies Corp. | Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing and rights management |
| US20050246541A1 (en) * | 1995-02-13 | 2005-11-03 | Intertrust Technologies Corporation | Trusted and secure techniques, systems and methods for item delivery and execution |
| US7844835B2 (en) | 1995-02-13 | 2010-11-30 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
| US6658568B1 (en) | 1995-02-13 | 2003-12-02 | Intertrust Technologies Corporation | Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management |
| US20070064943A1 (en) * | 1995-02-13 | 2007-03-22 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
| US20070061594A1 (en) * | 1995-02-13 | 2007-03-15 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
| US20040123129A1 (en) * | 1995-02-13 | 2004-06-24 | Intertrust Technologies Corp. | Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management |
| US20010042043A1 (en) * | 1995-02-13 | 2001-11-15 | Intertrust Technologies Corp. | Cryptographic methods, apparatus and systems for storage media electronic rights management in closed and connected appliances |
| US8751793B2 (en) | 1995-02-13 | 2014-06-10 | Intertrust Technologies Corp. | Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management |
| US5870469A (en) * | 1995-03-23 | 1999-02-09 | Giesecke & Devrient Gmbh | Method for testing the intactness of stored data in a processing facility for sheet material such as bank notes or papers of value |
| US8001096B2 (en) | 1995-04-11 | 2011-08-16 | Kinetech, Inc. | Computer file system using content-dependent file identifiers |
| US7945539B2 (en) | 1995-04-11 | 2011-05-17 | Kinetech, Inc. | Distributing and accessing data in a data processing system |
| US7949662B2 (en) | 1995-04-11 | 2011-05-24 | Kinetech, Inc. | De-duplication of data in a data processing system |
| US7945544B2 (en) | 1995-04-11 | 2011-05-17 | Kinetech, Inc. | Similarity-based access control of data in a data processing system |
| US20110231647A1 (en) * | 1995-04-11 | 2011-09-22 | Kientech, Inc. | Accessing data in a content-addressable data processing system |
| US20070185848A1 (en) * | 1995-04-11 | 2007-08-09 | Kinetech, Inc. | Accessing data in a data processing system |
| US8082262B2 (en) | 1995-04-11 | 2011-12-20 | Personalweb Technologies, LLC | Methods, systems, and devices supporting data access in a data processing system |
| US20110225177A1 (en) * | 1995-04-11 | 2011-09-15 | Kinetech, Inc. | Accessing Data In A Content-Addressable Data Processing System |
| US20040139097A1 (en) * | 1995-04-11 | 2004-07-15 | Kinetech, Inc. | Identifying data in a data processing system |
| US7802310B2 (en) | 1995-04-11 | 2010-09-21 | Kinetech, Inc. | Controlling access to data in a data processing system |
| US20080065635A1 (en) * | 1995-04-11 | 2008-03-13 | Kinetech, Inc. | Similarity-based access control of data in a data processing system |
| US8099420B2 (en) | 1995-04-11 | 2012-01-17 | Personalweb Technologies, LLC | Accessing data in a data processing system |
| US20110196894A1 (en) * | 1995-04-11 | 2011-08-11 | Kinetech, Inc. | Accessing data in a data processing system |
| US20050114296A1 (en) * | 1995-04-11 | 2005-05-26 | Savvis, Inc. | Content delivery network and associated methods and mechanisms |
| US20080066191A1 (en) * | 1995-04-11 | 2008-03-13 | Kinetech, Inc. | Controlling access to data in a data processing system |
| US20080082551A1 (en) * | 1995-04-11 | 2008-04-03 | Kinetech, Inc. | Content delivery network |
| US20070083614A1 (en) * | 1995-04-28 | 2007-04-12 | J2 Global Communications, Inc. | Systems and method for storing, delivering, and managing messages |
| US7934148B2 (en) | 1995-04-28 | 2011-04-26 | Advanced Messaging Technologies, Inc. | Systems and method for storing, delivering, and managing messages |
| US20070081457A1 (en) * | 1995-04-28 | 2007-04-12 | J2 Global Communications, Inc. | Systems and method for storing, delivering, and managing messages |
| US7895306B2 (en) | 1995-04-28 | 2011-02-22 | Advanced Messaging Technologies, Inc. | Systems and methods for storing, delivering, and managing messages |
| US5933504A (en) * | 1995-05-18 | 1999-08-03 | Certicom Corp. | Strengthened public key protocol |
| US6563928B1 (en) | 1995-05-18 | 2003-05-13 | Certicom Corp. | Strengthened public key protocol |
| USRE44131E1 (en) | 1995-06-02 | 2013-04-02 | Fujitsu Limited | Storage device having function for coping with computer virus |
| US5899983A (en) * | 1995-09-26 | 1999-05-04 | Siemens Aktiengesellschaft | Method for using electronic information services with guarantee of the anonymity of users in relation to the operators of such services |
| US5946397A (en) * | 1995-10-03 | 1999-08-31 | Gemplus S.C.A. | Method of cryptography with public key based on the discrete logarithm |
| US6067575A (en) * | 1995-12-08 | 2000-05-23 | Sun Microsystems, Inc. | System and method for generating trusted, architecture specific, compiled versions of architecture neutral programs |
| US5943423A (en) * | 1995-12-15 | 1999-08-24 | Entegrity Solutions Corporation | Smart token system for secure electronic transactions and identification |
| US6219423B1 (en) | 1995-12-29 | 2001-04-17 | Intel Corporation | System and method for digitally signing a digital agreement between remotely located nodes |
| US9530150B2 (en) | 1996-01-19 | 2016-12-27 | Adcension, Llc | Compensation model for network services |
| US20100235233A1 (en) * | 1996-01-19 | 2010-09-16 | Beneficial Innovations, Inc. | Network gaming system |
| USRE44566E1 (en) | 1996-01-19 | 2013-10-29 | Beneficial Innovations, Inc. | Advertising system for the internet and local area networks |
| USRE44323E1 (en) | 1996-01-19 | 2013-06-25 | Beneficial Innovations, Inc. | Method and system for playing games on a network |
| US8065702B2 (en) | 1996-01-19 | 2011-11-22 | Beneficial Innovations, Inc. | Network advertising and game playing |
| US20090132440A1 (en) * | 1996-01-19 | 2009-05-21 | Dennis J. Dupray | Compensation model for network services |
| US6183366B1 (en) | 1996-01-19 | 2001-02-06 | Sheldon Goldberg | Network gaming system |
| US6712702B2 (en) | 1996-01-19 | 2004-03-30 | Sheldon F. Goldberg | Method and system for playing games on a network |
| US6264560B1 (en) | 1996-01-19 | 2001-07-24 | Sheldon F. Goldberg | Method and system for playing games on a network |
| US20090186704A1 (en) * | 1996-01-19 | 2009-07-23 | Beneficial Innovations, Inc. | Network advertising and game playing |
| US6332195B1 (en) | 1996-02-09 | 2001-12-18 | Secure Computing Corporation | Secure server utilizing separate protocol stacks |
| US7139759B2 (en) | 1996-03-22 | 2006-11-21 | Hitachi, Ltd. | Method and a device for managing a computer network |
| US6311277B1 (en) * | 1996-03-22 | 2001-10-30 | Hitachi, Ltd. | Method and device for managing computer network |
| US6226383B1 (en) * | 1996-04-17 | 2001-05-01 | Integrity Sciences, Inc. | Cryptographic methods for remote authentication |
| US5935246A (en) * | 1996-04-26 | 1999-08-10 | International Computers Limited | Electronic copy protection mechanism using challenge and response to prevent unauthorized execution of software |
| US20100014663A1 (en) * | 1996-05-17 | 2010-01-21 | Certicom Corp. | Strengthened public key protocol |
| US8229113B2 (en) | 1996-05-17 | 2012-07-24 | Certicom Corp. | Strengthened public key protocol |
| US8953787B2 (en) | 1996-05-17 | 2015-02-10 | Certicom Corp. | Strengthened public key protocol |
| US8983064B2 (en) | 1996-05-17 | 2015-03-17 | Certicom Corp. | Strengthened public key protocol |
| US7567669B2 (en) | 1996-05-17 | 2009-07-28 | Certicom Corp. | Strengthened public key protocol |
| US6317878B1 (en) * | 1996-05-22 | 2001-11-13 | Fujitsu Limited | Information processing system and recording media |
| US6263442B1 (en) * | 1996-05-30 | 2001-07-17 | Sun Microsystems, Inc. | System and method for securing a program's execution in a network environment |
| US6324525B1 (en) | 1996-06-17 | 2001-11-27 | Hewlett-Packard Company | Settlement of aggregated electronic transactions over a network |
| US6052469A (en) * | 1996-07-29 | 2000-04-18 | International Business Machines Corporation | Interoperable cryptographic key recovery system with verification by comparison |
| US20030041239A1 (en) * | 1996-08-12 | 2003-02-27 | Intertrust Technologies Corp. | Systems and methods using cryptography to protect secure computing environments |
| US6449367B2 (en) | 1996-08-12 | 2002-09-10 | Intertrust Technologies Corp. | Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels |
| US20020023214A1 (en) * | 1996-08-12 | 2002-02-21 | Intertrust Technologies Corp. | Systems and methods using cryptography to protect secure computing environments |
| US7925898B2 (en) | 1996-08-12 | 2011-04-12 | Intertrust Technologies Corp. | Systems and methods using cryptography to protect secure computing environments |
| US8307212B2 (en) | 1996-08-12 | 2012-11-06 | Intertrust Technologies Corp. | Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels |
| US20060248353A1 (en) * | 1996-08-12 | 2006-11-02 | Shear Victor H | Systems and methods using cryptography to protect secure computing environments |
| US6618484B2 (en) | 1996-08-12 | 2003-09-09 | Intertrust Technologies Corporation | Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels |
| US8533851B2 (en) | 1996-08-30 | 2013-09-10 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
| US20030163431A1 (en) * | 1996-08-30 | 2003-08-28 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
| US5950195A (en) * | 1996-09-18 | 1999-09-07 | Secure Computing Corporation | Generalized security policy management system and method |
| US6181803B1 (en) | 1996-09-30 | 2001-01-30 | Intel Corporation | Apparatus and method for securely processing biometric information to control access to a node |
| US5946396A (en) * | 1996-10-25 | 1999-08-31 | Intel Corporation | System and method for ensuring integrity of audio |
| US6804780B1 (en) | 1996-11-08 | 2004-10-12 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
| US6092194A (en) * | 1996-11-08 | 2000-07-18 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
| US9189621B2 (en) | 1996-11-08 | 2015-11-17 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
| US6154844A (en) * | 1996-11-08 | 2000-11-28 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
| US9219755B2 (en) | 1996-11-08 | 2015-12-22 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
| US6167520A (en) * | 1996-11-08 | 2000-12-26 | Finjan Software, Inc. | System and method for protecting a client during runtime from hostile downloadables |
| US9141786B2 (en) | 1996-11-08 | 2015-09-22 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
| US6480962B1 (en) | 1996-11-08 | 2002-11-12 | Finjan Software, Ltd. | System and method for protecting a client during runtime from hostile downloadables |
| US9444844B2 (en) | 1996-11-08 | 2016-09-13 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
| US5878417A (en) * | 1996-11-20 | 1999-03-02 | International Business Machines Corporation | Method and apparatus for network security in browser based interfaces |
| US6169803B1 (en) * | 1997-01-24 | 2001-01-02 | Nec Corporation | Encryption key processing system to be incorporated into data recovery system or key setting system for generating encryption key |
| US20050021477A1 (en) * | 1997-01-29 | 2005-01-27 | Ganapathy Krishnan | Method and system for securely incorporating electronic information into an online purchasing application |
| US8677494B2 (en) | 1997-01-29 | 2014-03-18 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
| US5949877A (en) * | 1997-01-30 | 1999-09-07 | Intel Corporation | Content protection for transmission systems |
| US6148401A (en) * | 1997-02-05 | 2000-11-14 | At&T Corp. | System and method for providing assurance to a host that a piece of software possesses a particular property |
| WO1998034365A1 (en) * | 1997-02-05 | 1998-08-06 | At & T Corp. | System and method for providing software property assurance to a host |
| US20060053158A1 (en) * | 1997-02-25 | 2006-03-09 | Intertrust Technologies Corp. | Techniques for defining, using and manipulating rights management data structures |
| US20080016103A1 (en) * | 1997-02-25 | 2008-01-17 | Intertrust Technologies Corp. | Techniques for Defining, Using and Manipulating Rights Management Data Structures |
| US20080114790A1 (en) * | 1997-02-25 | 2008-05-15 | Intertrust Technolgies Corp. | Techniques for Defining, Using and Manipulating Rights Management Data Structures |
| US6138119A (en) | 1997-02-25 | 2000-10-24 | Intertrust Technologies Corp. | Techniques for defining, using and manipulating rights management data structures |
| US9438577B2 (en) | 1997-03-10 | 2016-09-06 | Dell Software Inc. | Query interface to policy server |
| US9276920B2 (en) | 1997-03-10 | 2016-03-01 | Dell Software Inc. | Tunneling using encryption |
| US9331992B2 (en) * | 1997-03-10 | 2016-05-03 | Dell Software Inc. | Access control |
| USRE46439E1 (en) | 1997-03-10 | 2017-06-13 | Dropbox, Inc. | Distributed administration of access to information and interface for same |
| US20140059646A1 (en) * | 1997-03-10 | 2014-02-27 | Sonicwall, Inc. | Query Interface to Policy Server |
| US20140059645A1 (en) * | 1997-03-10 | 2014-02-27 | Sonicwall, Inc. | Query Interface to Policy Server |
| US9154489B2 (en) * | 1997-03-10 | 2015-10-06 | Dell Software Inc. | Query interface to policy server |
| US6108420A (en) * | 1997-04-10 | 2000-08-22 | Channelware Inc. | Method and system for networked installation of uniquely customized, authenticable, and traceable software application |
| US6820200B2 (en) | 1997-04-30 | 2004-11-16 | Sony Corporation | Information processing apparatus and method and recording medium |
| US6647495B1 (en) * | 1997-04-30 | 2003-11-11 | Sony Corporation | Information processing apparatus and method and recording medium |
| US5999921A (en) * | 1997-04-30 | 1999-12-07 | Pitney Bowes Inc. | Electronic postage meter system having plural clock system providing enhanced security |
| US6381698B1 (en) | 1997-05-21 | 2002-04-30 | At&T Corp | System and method for providing assurance to a host that a piece of software possesses a particular property |
| US6253322B1 (en) * | 1997-05-21 | 2001-06-26 | Hitachi, Ltd. | Electronic certification authentication method and system |
| US6148404A (en) * | 1997-05-28 | 2000-11-14 | Nihon Unisys, Ltd. | Authentication system using authentication information valid one-time |
| US6678665B1 (en) * | 1997-05-28 | 2004-01-13 | Fujitsu Siemens Computer | Computer system for protecting software and a method for protecting software |
| US5958073A (en) * | 1997-05-30 | 1999-09-28 | Motorola, Inc. | Reliability enhanced processing system and method for optimizing |
| US6122372A (en) * | 1997-06-04 | 2000-09-19 | Signet Assurance Company Llc | System and method for encapsulating transaction messages with verifiable data generated identifiers |
| US5968136A (en) * | 1997-06-05 | 1999-10-19 | Sun Microsystems, Inc. | Apparatus and method for secure device addressing |
| US6668325B1 (en) | 1997-06-09 | 2003-12-23 | Intertrust Technologies | Obfuscation techniques for enhancing software security |
| JP3363379B2 (ja) | 1997-06-20 | 2003-01-08 | インターナショナル・ビジネス・マシーンズ・コーポレーション | 安全な記憶領域内のアプリケーション・データを保護する方法及び装置 |
| US6175924B1 (en) | 1997-06-20 | 2001-01-16 | International Business Machines Corp. | Method and apparatus for protecting application data in secure storage areas |
| JPH1124919A (ja) * | 1997-06-20 | 1999-01-29 | Internatl Business Mach Corp <Ibm> | 安全な記憶領域でアプリケーション・データを保護する方法及び装置 |
| US6108425A (en) * | 1997-06-30 | 2000-08-22 | International Business Machines Corporation | Method and apparatus for controlling the configuration of a cryptographic processor |
| US6334118B1 (en) * | 1997-07-31 | 2001-12-25 | Siemens Aktiengesellschaft | Software rental system and method for renting software |
| US6233567B1 (en) * | 1997-08-29 | 2001-05-15 | Intel Corporation | Method and apparatus for software licensing electronically distributed programs |
| US20090034730A1 (en) * | 1997-10-28 | 2009-02-05 | Encorus Holdings Limited | Process for digital signing of a message |
| US7774609B2 (en) | 1997-10-28 | 2010-08-10 | First Data Mobile Holdings Limited | Process for digital signing of a message |
| US6292897B1 (en) * | 1997-11-03 | 2001-09-18 | International Business Machines Corporation | Undeniable certificates for digital signature verification |
| US20030046244A1 (en) * | 1997-11-06 | 2003-03-06 | Intertrust Technologies Corp. | Methods for matching, selecting, and/or classifying based on rights management and/or other information |
| US20050240999A1 (en) * | 1997-11-06 | 2005-10-27 | Moshe Rubin | Method and system for adaptive rule-based content scanners for desktop computers |
| US20050005107A1 (en) * | 1997-11-06 | 2005-01-06 | Shlomo Touboul | Method and system for caching at secure gateways |
| US20060149968A1 (en) * | 1997-11-06 | 2006-07-06 | Edery Yigal M | Method and system for protecting a computer and a network from hostile downloadables |
| US8225408B2 (en) | 1997-11-06 | 2012-07-17 | Finjan, Inc. | Method and system for adaptive rule-based content scanners |
| US8079086B1 (en) | 1997-11-06 | 2011-12-13 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
| US7613926B2 (en) | 1997-11-06 | 2009-11-03 | Finjan Software, Ltd | Method and system for protecting a computer and a network from hostile downloadables |
| US7975305B2 (en) | 1997-11-06 | 2011-07-05 | Finjan, Inc. | Method and system for adaptive rule-based content scanners for desktop computers |
| US20050108554A1 (en) * | 1997-11-06 | 2005-05-19 | Moshe Rubin | Method and system for adaptive rule-based content scanners |
| US7418731B2 (en) | 1997-11-06 | 2008-08-26 | Finjan Software, Ltd. | Method and system for caching at secure gateways |
| WO1999035583A2 (en) * | 1997-12-22 | 1999-07-15 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
| WO1999035583A3 (en) * | 1997-12-22 | 1999-09-16 | Finjan Software Ltd | System and method for attaching a downloadable security profile to a downloadable |
| US6298153B1 (en) * | 1998-01-16 | 2001-10-02 | Canon Kabushiki Kaisha | Digital signature method and information communication system and apparatus using such method |
| US6308270B1 (en) | 1998-02-13 | 2001-10-23 | Schlumberger Technologies, Inc. | Validating and certifying execution of a software program with a smart card |
| US6430606B1 (en) | 1998-03-16 | 2002-08-06 | Jazio, Inc. | High speed signaling for interfacing VLSI CMOS circuits |
| US6160423A (en) * | 1998-03-16 | 2000-12-12 | Jazio, Inc. | High speed source synchronous signaling for interfacing VLSI CMOS circuits to transmission lines |
| US6151648A (en) * | 1998-03-16 | 2000-11-21 | Jazio, Inc. | High speed bus system and method for using voltage and timing oscillating references for signal detection |
| US6189146B1 (en) * | 1998-03-18 | 2001-02-13 | Microsoft Corporation | System and method for software licensing |
| US20050102240A1 (en) * | 1998-03-18 | 2005-05-12 | Microsoft Corporation | System and method for software licensing |
| US7171662B1 (en) * | 1998-03-18 | 2007-01-30 | Microsoft Corporation | System and method for software licensing |
| US7809648B2 (en) * | 1998-03-18 | 2010-10-05 | Microsoft Corporation | System and method for software licensing |
| US6725378B1 (en) | 1998-04-15 | 2004-04-20 | Purdue Research Foundation | Network protection for denial of service attacks |
| US6199113B1 (en) * | 1998-04-15 | 2001-03-06 | Sun Microsystems, Inc. | Apparatus and method for providing trusted network security |
| USRE44220E1 (en) | 1998-06-18 | 2013-05-14 | Zih Corp. | Electronic identification system and method with source authenticity |
| US6256393B1 (en) * | 1998-06-23 | 2001-07-03 | General Instrument Corporation | Authorization and access control of software object residing in set-top terminals |
| US20070011174A1 (en) * | 1998-09-22 | 2007-01-11 | Kazuo Takaragi | Method and a device for managing a computer network |
| US7711714B2 (en) | 1998-09-22 | 2010-05-04 | Hitachi, Ltd. | Method and a device for sterilizing downloaded files |
| US8116451B2 (en) | 1998-10-14 | 2012-02-14 | Certicom Corporation | Key validation scheme |
| US8594324B2 (en) | 1998-10-14 | 2013-11-26 | Certicom Corp. | Key validation scheme |
| US7215773B1 (en) | 1998-10-14 | 2007-05-08 | Certicom.Corp. | Key validation scheme |
| US20070147607A1 (en) * | 1998-10-14 | 2007-06-28 | Johnson Donald B | Key validation scheme |
| US7711685B1 (en) | 1998-10-16 | 2010-05-04 | Computer Associates Think, Inc. | Method and system for an extensible macro language |
| US6385610B1 (en) * | 1998-10-16 | 2002-05-07 | Computer Associates Think, Inc. | Method and apparatus for identifying and visualizing differences in object model diagrams |
| US7386727B1 (en) | 1998-10-24 | 2008-06-10 | Encorus Holdings Limited | Method for digital signing of a message |
| US7302709B2 (en) | 1998-10-26 | 2007-11-27 | Microsoft Corporation | Key-based secure storage |
| US20060021064A1 (en) * | 1998-10-26 | 2006-01-26 | Microsoft Corporation | Key-based secure storage |
| US20030196085A1 (en) * | 1998-10-26 | 2003-10-16 | Lampson Butler W. | System and method for authenticating an operating system |
| US7415620B2 (en) | 1998-10-26 | 2008-08-19 | Microsoft Corporation | System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party |
| US7434263B2 (en) | 1998-10-26 | 2008-10-07 | Microsoft Corporation | System and method for secure storage data using a key |
| US7424606B2 (en) * | 1998-10-26 | 2008-09-09 | Microsoft Corporation | System and method for authenticating an operating system |
| US20030196111A1 (en) * | 1998-10-26 | 2003-10-16 | Lampson Butler W. | Attesting to a value of a register and/or memory region |
| US7356682B2 (en) | 1998-10-26 | 2008-04-08 | Microsoft Corporation | Attesting to a value of a register and/or memory region |
| US20050060549A1 (en) * | 1998-10-26 | 2005-03-17 | Microsoft Corporation | Controlling access to content based on certificates and access predicates |
| US20030196099A1 (en) * | 1998-10-26 | 2003-10-16 | Lampson Butler W. | System and method for secure storage of data using public and private keys |
| US20030194094A1 (en) * | 1998-10-26 | 2003-10-16 | Lampson Butler W. | System and method for secure storage data using a key |
| US7543336B2 (en) | 1998-10-26 | 2009-06-02 | Microsoft Corporation | System and method for secure storage of data using public and private keys |
| US20070118738A1 (en) * | 1998-10-26 | 2007-05-24 | Microsoft Corporation | System and Method for Authenticating an Operating System to a Central Processing Unit, Providing the CPU/OS with Secure Storage, and Authenticating the CPU/OS to a Third Party |
| US20070118769A1 (en) * | 1998-10-26 | 2007-05-24 | Microsoft Corporation | System and Method for Authenticating an Operating System to a Central Processing Unit, Providing the CPU/OS with Secure Storage, and Authenticating the CPU/OS to a Third Party |
| US20070104329A1 (en) * | 1998-10-26 | 2007-05-10 | Microsoft Corporation | System and Method for Authenticating an Operating System to a Central Processing Unit, Providing the CPU/OS with Secure Storage, and Authenticating the CPU/OS to a Third Party |
| US7529919B2 (en) | 1998-10-26 | 2009-05-05 | Microsoft Corporation | Boot blocks for software |
| US7457412B2 (en) | 1998-10-26 | 2008-11-25 | Microsoft Corporation | System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party |
| US6901371B1 (en) | 1998-11-25 | 2005-05-31 | Ge Medical Systems Global Technology Company, Llc | Imaging system protocol handling method and apparatus |
| US6272469B1 (en) | 1998-11-25 | 2001-08-07 | Ge Medical Systems Global Technology Company, Llc | Imaging system protocol handling method and apparatus |
| US6988074B2 (en) * | 1998-11-25 | 2006-01-17 | Ge Medical Systems Global Technology Company, Llc | Imaging system protocol handling method and apparatus |
| US6408075B1 (en) * | 1998-11-30 | 2002-06-18 | Hitachi, Ltd. | Information processing equipment and IC card |
| US7181602B1 (en) * | 1999-01-25 | 2007-02-20 | Giesecke & Devrient Gmbh | Method for exchanging at least one secret initial value between a processing station and a chip card |
| US9535563B2 (en) | 1999-02-01 | 2017-01-03 | Blanding Hovenweep, Llc | Internet appliance system and method |
| US6763467B1 (en) | 1999-02-03 | 2004-07-13 | Cybersoft, Inc. | Network traffic intercepting method and system |
| US7197639B1 (en) * | 1999-02-05 | 2007-03-27 | Rsa Security Inc. | Cryptographic countermeasures against connection depletion attacks |
| US6766305B1 (en) * | 1999-03-12 | 2004-07-20 | Curl Corporation | Licensing system and method for freely distributed information |
| US7680744B2 (en) * | 1999-03-27 | 2010-03-16 | Microsoft Corporation | Method for interdependently validating a digital content package and a corresponding digital license |
| US20050192907A1 (en) * | 1999-03-27 | 2005-09-01 | Microsoft Corporation | Method for interdependently validating a digital content package and a corresponding digital license |
| US9246916B2 (en) | 1999-03-27 | 2016-01-26 | Microsoft Technology Licensing, Llc | Specifying rights in a digital rights license according to events |
| US20100024044A1 (en) * | 1999-03-27 | 2010-01-28 | Microsoft Corporation | Specifying rights in a digital rights license according to events |
| US7685425B1 (en) * | 1999-03-31 | 2010-03-23 | British Telecommunications Public Limited Company | Server computer for guaranteeing files integrity |
| US6557105B1 (en) * | 1999-04-14 | 2003-04-29 | Tut Systems, Inc. | Apparatus and method for cryptographic-based license management |
| US7073197B2 (en) | 1999-05-05 | 2006-07-04 | Shieldip, Inc. | Methods and apparatus for protecting information |
| US20040133803A1 (en) * | 1999-05-05 | 2004-07-08 | Rabin Michael O. | Methods and apparatus for protecting information |
| US7131144B2 (en) | 1999-05-05 | 2006-10-31 | Shieldip, Inc. | Methods and apparatus for protecting information |
| US6442559B1 (en) * | 1999-06-22 | 2002-08-27 | Microsoft Corporation | Dynamic SKU management |
| US20050008153A1 (en) * | 1999-06-25 | 2005-01-13 | Barton Colleen A. | Method and logic for capturing and analyzing conduit data |
| US6658567B1 (en) | 1999-06-25 | 2003-12-02 | Geomechanics International, Inc. | Method and logic for locking geological data and an analyzer program that analyzes the geological data |
| US6578145B1 (en) * | 1999-06-29 | 2003-06-10 | Gilbarco Inc. | Methods and systems for securely communicating personal identification number information between a security module and a plurality of secure keypad devices |
| US20100115283A1 (en) * | 1999-07-29 | 2010-05-06 | Intertrust Technologies Corp. | Systems and methods for using cryptography to protect secure and insecure computing environments |
| US6684389B1 (en) * | 1999-08-05 | 2004-01-27 | Canon Kabushiki Kaisha | Compiler that decrypts encrypted source code |
| US7996669B2 (en) | 1999-08-13 | 2011-08-09 | Hewlett-Packard Development Company, L.P. | Computer platforms and their methods of operation |
| US7461249B1 (en) * | 1999-08-13 | 2008-12-02 | Hewlett-Packard Development Company, L.P. | Computer platforms and their methods of operation |
| US20090031141A1 (en) * | 1999-08-13 | 2009-01-29 | Hewlett-Packard Development Company, L.P. | Computer platforms and their methods of operation |
| US7469344B2 (en) * | 1999-08-18 | 2008-12-23 | Sun Microsystems, Inc. | Logic block used to check instruction buffer configuration |
| US6675298B1 (en) * | 1999-08-18 | 2004-01-06 | Sun Microsystems, Inc. | Execution of instructions using op code lengths longer than standard op code lengths to encode data |
| US6757831B1 (en) * | 1999-08-18 | 2004-06-29 | Sun Microsystems, Inc. | Logic block used to check instruction buffer configuration |
| US20050005157A1 (en) * | 1999-08-18 | 2005-01-06 | Sun Microsystems, Inc. | Logic block used to check instruction buffer configuration |
| US7181014B1 (en) | 1999-09-10 | 2007-02-20 | Cisco Technology, Inc. | Processing method for key exchange among broadcast or multicast groups that provides a more efficient substitute for Diffie-Hellman key exchange |
| US6987855B1 (en) * | 1999-09-10 | 2006-01-17 | Cisco Technology, Inc. | Operational optimization of a shared secret Diffie-Hellman key exchange among broadcast or multicast groups |
| US7434046B1 (en) | 1999-09-10 | 2008-10-07 | Cisco Technology, Inc. | Method and apparatus providing secure multicast group communication |
| US7660983B1 (en) | 1999-09-29 | 2010-02-09 | Cisco Technology, Inc. | Method and apparatus for creating a secure communication channel among multiple event service nodes |
| US7013389B1 (en) | 1999-09-29 | 2006-03-14 | Cisco Technology, Inc. | Method and apparatus for creating a secure communication channel among multiple event service nodes |
| US7260716B1 (en) | 1999-09-29 | 2007-08-21 | Cisco Technology, Inc. | Method for overcoming the single point of failure of the central group controller in a binary tree group key exchange approach |
| US20080082446A1 (en) * | 1999-10-01 | 2008-04-03 | Hicks Christian B | Remote Authorization for Unlocking Electronic Data System and Method |
| US20050160401A1 (en) * | 1999-10-16 | 2005-07-21 | Computer Associates Think, Inc. | System and method for adding user-defined objects to a modeling tool |
| US20060225030A1 (en) * | 1999-10-16 | 2006-10-05 | Deffler Tad A | Method and System for Generating Dynamic Comparison Models |
| US7734457B2 (en) | 1999-10-16 | 2010-06-08 | Computer Associates Think, Inc. | Method and system for generating dynamic comparison models |
| US20020129270A1 (en) * | 1999-10-18 | 2002-09-12 | Siemens Ag | Electronic device for providing software protection |
| US7039713B1 (en) * | 1999-11-09 | 2006-05-02 | Microsoft Corporation | System and method of user authentication for network communication through a policy agent |
| US7562395B2 (en) * | 1999-12-17 | 2009-07-14 | Microsoft Corporation | System and method for accessing protected content in a rights-management architecture |
| US20090293116A1 (en) * | 1999-12-17 | 2009-11-26 | Microsoft Corporation | Accessing Protected Content In A Rights-Management Architecture |
| US20050188228A1 (en) * | 1999-12-17 | 2005-08-25 | Microsoft Corporation | System and method for accessing protected content in a rights-management architecture |
| US7047411B1 (en) | 1999-12-17 | 2006-05-16 | Microsoft Corporation | Server for an electronic distribution system and method of operating same |
| US8032943B2 (en) * | 1999-12-17 | 2011-10-04 | Microsoft Corporation | Accessing protected content in a rights-management architecture |
| US6970849B1 (en) | 1999-12-17 | 2005-11-29 | Microsoft Corporation | Inter-server communication using request with encrypted parameter |
| US7707643B2 (en) * | 1999-12-17 | 2010-04-27 | Microsoft Corporation | System and method for accessing protected content in a rights-management architecture |
| US6996720B1 (en) * | 1999-12-17 | 2006-02-07 | Microsoft Corporation | System and method for accessing protected content in a rights-management architecture |
| US20050108556A1 (en) * | 1999-12-17 | 2005-05-19 | Microsoft Corporation | System and method for accessing protected content in a rights-management architecture |
| US6944765B1 (en) * | 1999-12-21 | 2005-09-13 | Qualcomm, Inc. | Method of authentication anonymous users while reducing potential for “middleman” fraud |
| US7103185B1 (en) | 1999-12-22 | 2006-09-05 | Cisco Technology, Inc. | Method and apparatus for distributing and updating private keys of multicast group managers using directory replication |
| US6901510B1 (en) | 1999-12-22 | 2005-05-31 | Cisco Technology, Inc. | Method and apparatus for distributing and updating group controllers over a wide area network using a tree structure |
| US7383436B2 (en) | 1999-12-22 | 2008-06-03 | Cisco Technology, Inc. | Method and apparatus for distributing and updating private keys of multicast group managers using directory replication |
| US7055175B1 (en) * | 2000-01-06 | 2006-05-30 | International Business Machines Corporation | Method and system for generating and using a virus free file certificate integrated within a file |
| US20050097317A1 (en) * | 2000-01-12 | 2005-05-05 | Jonathan Trostle | Directory enabled secure multicast group communications |
| US7089211B1 (en) | 2000-01-12 | 2006-08-08 | Cisco Technology, Inc. | Directory enabled secure multicast group communications |
| US7502927B2 (en) | 2000-01-12 | 2009-03-10 | Cisco Technology, Inc. | Directory enabled secure multicast group communications |
| US20010020256A1 (en) * | 2000-03-03 | 2001-09-06 | Akiyuki Hatakeyama | Information processing device and record medium |
| US6948072B2 (en) | 2000-03-03 | 2005-09-20 | Sony Computer Entertainment Inc. | Information processing device and record medium |
| US6895501B1 (en) | 2000-03-13 | 2005-05-17 | Wrq, Inc. | Method and apparatus for distributing, interpreting, and storing heterogeneous certificates in a homogenous public key infrastructure |
| US6687825B1 (en) | 2000-03-17 | 2004-02-03 | International Business Machines Corporation | Data processing system and method for protecting data in a hard drive utilizing a signature device |
| US7058822B2 (en) | 2000-03-30 | 2006-06-06 | Finjan Software, Ltd. | Malicious mobile code runtime monitoring system and methods |
| US7647633B2 (en) | 2000-03-30 | 2010-01-12 | Finjan Software, Ltd. | Malicious mobile code runtime monitoring system and methods |
| US20060026677A1 (en) * | 2000-03-30 | 2006-02-02 | Edery Yigal M | Malicious mobile code runtime monitoring system and methods |
| US20010044820A1 (en) * | 2000-04-06 | 2001-11-22 | Scott Adam Marc | Method and system for website content integrity assurance |
| US20020025043A1 (en) * | 2000-04-13 | 2002-02-28 | Bao Feng | Private retrieval of digital objects |
| US7231047B2 (en) * | 2000-04-13 | 2007-06-12 | Agency For Science, Technology And Research (A*Star) | Private retrieval of digital objects |
| WO2001080528A3 (en) * | 2000-04-14 | 2002-07-04 | Next Level Comm | Method and apparatus for test and verification of field and terminal equipment |
| WO2001080528A2 (en) * | 2000-04-14 | 2001-10-25 | Next Level Communications | Method and apparatus for test and verification of field and terminal equipment |
| US20040240704A1 (en) * | 2000-04-19 | 2004-12-02 | Reed Alastair M. | Applying digital watermarks using printing process correction |
| US6700995B2 (en) * | 2000-04-19 | 2004-03-02 | Digimarc Corporation | Applying digital watermarks using dot gain correction |
| US10552603B2 (en) | 2000-05-17 | 2020-02-04 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
| US7493486B1 (en) * | 2000-06-09 | 2009-02-17 | Verizon Laboratories, Inc. | Method and apparatus for supporting cryptographic-related activities in a public key infrastructure |
| US8826000B2 (en) | 2000-06-09 | 2014-09-02 | Verizon Laboratories Inc. | Method and apparatus for supporting cryptographic-related activities in a public key infrastructure |
| US20090138702A1 (en) * | 2000-06-09 | 2009-05-28 | Verizon Laboratories, Inc. | Method and apparatus for supporting cryptographic-related activities in a public key infrastructure |
| US20070058802A1 (en) * | 2000-06-22 | 2007-03-15 | Microsoft Corporation | Cryptosystem Based on a Jacobian of a Curve |
| US20070192397A1 (en) * | 2000-06-22 | 2007-08-16 | Microsoft Corporation | Cryptosystem Based on a Jacobian of a Curve |
| US7730315B2 (en) | 2000-06-22 | 2010-06-01 | Microsoft Corporation | Cryptosystem based on a Jacobian of a curve |
| US7051200B1 (en) | 2000-06-27 | 2006-05-23 | Microsoft Corporation | System and method for interfacing a software process to secure repositories |
| US7171692B1 (en) | 2000-06-27 | 2007-01-30 | Microsoft Corporation | Asynchronous communication within a server arrangement |
| US20040255115A1 (en) * | 2000-06-27 | 2004-12-16 | Microsoft Corporation | Method and system for binding enhanced software features to a persona |
| US7958373B2 (en) | 2000-06-27 | 2011-06-07 | Microsoft Corporation | Secure repository with layers of tamper resistance and system and method for providing same |
| US7861306B2 (en) | 2000-06-27 | 2010-12-28 | Microsoft Corporation | Method and system for limiting the use of user-specific software features |
| US8417968B2 (en) | 2000-06-27 | 2013-04-09 | Microsoft Corporation | Secure repository with layers of tamper resistance and system and method for providing same |
| US20050097056A1 (en) * | 2000-06-27 | 2005-05-05 | Microsoft Corporation | System and method for activating a rendering device in a multi-level rights-management architecture |
| US20060123025A1 (en) * | 2000-06-27 | 2006-06-08 | Microsoft Corporation | System and method for activating a rendering device in a multi-level rights-management architecture |
| US7430542B2 (en) | 2000-06-27 | 2008-09-30 | Microsoft Corporation | System and method for activating a rendering device in a multi-level rights-management architecture |
| US20050097057A1 (en) * | 2000-06-27 | 2005-05-05 | Microsoft Corporation | System and method for activating a rendering device in a multi-level rights-management architecture |
| US7017189B1 (en) | 2000-06-27 | 2006-03-21 | Microsoft Corporation | System and method for activating a rendering device in a multi-level rights-management architecture |
| US20110239005A1 (en) * | 2000-06-27 | 2011-09-29 | Microsoft Corporation | Secure Repository With Layers Of Tamper Resistance And System And Method For Providing Same |
| US7158953B1 (en) | 2000-06-27 | 2007-01-02 | Microsoft Corporation | Method and system for limiting the use of user-specific software features |
| US6981262B1 (en) | 2000-06-27 | 2005-12-27 | Microsoft Corporation | System and method for client interaction in a multi-level rights-management architecture |
| US7539875B1 (en) | 2000-06-27 | 2009-05-26 | Microsoft Corporation | Secure repository with layers of tamper resistance and system and method for providing same |
| US20050060266A1 (en) * | 2000-06-27 | 2005-03-17 | Microsoft Corporation | Method and system for limiting the use of user-specific software features |
| US6891953B1 (en) | 2000-06-27 | 2005-05-10 | Microsoft Corporation | Method and system for binding enhanced software features to a persona |
| US7823208B2 (en) | 2000-06-27 | 2010-10-26 | Microsoft Corporation | Method and system for binding enhanced software features to a persona |
| US7634429B2 (en) | 2000-06-30 | 2009-12-15 | Microsoft Corporation | Architecture for an electronic shopping service integratable with a software application |
| US6941457B1 (en) | 2000-06-30 | 2005-09-06 | Cisco Technology, Inc. | Establishing a new shared secret key over a broadcast channel for a multicast group based on an old shared secret key |
| US7225159B2 (en) | 2000-06-30 | 2007-05-29 | Microsoft Corporation | Method for authenticating and securing integrated bookstore entries |
| US20020002540A1 (en) * | 2000-06-30 | 2002-01-03 | Microsoft Corporation | Method for authenticating and securing integrated bookstore entries |
| US20050033663A1 (en) * | 2000-06-30 | 2005-02-10 | Microsoft Corporation | Architecture for an electronic shopping service integratable with a software application |
| US9922175B2 (en) | 2000-09-21 | 2018-03-20 | Blackberry Limited | Controlling access by code |
| US10032007B1 (en) | 2000-09-21 | 2018-07-24 | Blackberry Limited | Controlling access by code |
| US10437967B2 (en) | 2000-09-21 | 2019-10-08 | Blackberry Limited | Code signing system and method |
| US11030278B2 (en) | 2000-09-21 | 2021-06-08 | Blackberry Limited | Code signing system and method |
| US7024554B1 (en) * | 2000-09-29 | 2006-04-04 | Mindspeed Technologies, Inc. | Systems and methods that authorize target devices utilizing proprietary software and/or hardware |
| US6971023B1 (en) * | 2000-10-03 | 2005-11-29 | Mcafee, Inc. | Authorizing an additional computer program module for use with a core computer program |
| WO2002033884A2 (en) * | 2000-10-17 | 2002-04-25 | Sun Microsystems, Inc. | Method and apparatus for providing a key distribution center |
| US7395549B1 (en) | 2000-10-17 | 2008-07-01 | Sun Microsystems, Inc. | Method and apparatus for providing a key distribution center without storing long-term server secrets |
| WO2002033884A3 (en) * | 2000-10-17 | 2002-11-28 | Sun Microsystems Inc | Method and apparatus for providing a key distribution center |
| US8556698B2 (en) | 2000-10-19 | 2013-10-15 | Igt | Executing multiple applications and their variations in computing environments |
| US9836918B2 (en) | 2000-10-19 | 2017-12-05 | Igt | Remote configuration of gaming terminals |
| US20080045346A1 (en) * | 2000-10-19 | 2008-02-21 | Igt | Remote configuration of gaming terminals |
| US20040048671A1 (en) * | 2000-10-19 | 2004-03-11 | Igt | Gaming terminal data repository and information distribution system |
| US20070032288A1 (en) * | 2000-10-19 | 2007-02-08 | Igt | Remote configuration of gaming terminals |
| US8814650B2 (en) | 2000-10-19 | 2014-08-26 | Igt | Executing multiple applications and their variations in computing environments |
| US20070270212A1 (en) * | 2000-10-19 | 2007-11-22 | Igt | Executing multiple applications and their variations in computing environments |
| US9754447B2 (en) | 2000-10-19 | 2017-09-05 | Igt | Dynamic player notices for operational changes in gaming machines |
| US9251647B2 (en) | 2000-10-19 | 2016-02-02 | Igt | Remote configuration of gaming terminals |
| US6850161B1 (en) * | 2000-10-23 | 2005-02-01 | Verizon Corporate Services Group Inc. | Systems and methods for identifying and mapping conduit location |
| US7747873B2 (en) | 2000-11-03 | 2010-06-29 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
| US20050216760A1 (en) * | 2000-11-03 | 2005-09-29 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
| US8636596B2 (en) | 2000-11-04 | 2014-01-28 | Igt | Dynamic player notices for operational changes in gaming machines |
| US20050282638A1 (en) * | 2000-11-04 | 2005-12-22 | Igt | Dynamic player notices for operational changes in gaming machines |
| US20020108040A1 (en) * | 2000-11-13 | 2002-08-08 | Eskicioglu Ahmet M. | Threshold cryptography scheme for conditional access systems |
| US7224806B2 (en) | 2000-11-13 | 2007-05-29 | Thomson Licensing | Threshold cryptography scheme for conditional access systems |
| US20020095578A1 (en) * | 2000-11-22 | 2002-07-18 | Asahiko Yamada | System, method, and program for ensuring originality |
| US7100045B2 (en) * | 2000-11-22 | 2006-08-29 | Kabushiki Kaisha Toshiba | System, method, and program for ensuring originality |
| US20040180721A1 (en) * | 2000-12-21 | 2004-09-16 | Igt | Gaming terminal data repository and information distribution system |
| US20070197298A1 (en) * | 2001-02-02 | 2007-08-23 | Igt | Wide area program distribution and game information communication system |
| US8540576B2 (en) | 2001-02-02 | 2013-09-24 | Igt | Wide area program distribution and game information communication system |
| US20020112162A1 (en) * | 2001-02-13 | 2002-08-15 | Cocotis Thomas Andrew | Authentication and verification of Web page content |
| US7096497B2 (en) | 2001-03-30 | 2006-08-22 | Intel Corporation | File checking using remote signing authority via a network |
| US20020144121A1 (en) * | 2001-03-30 | 2002-10-03 | Ellison Carl M. | Checking file integrity using signature generated in isolated execution |
| US20020152173A1 (en) * | 2001-04-05 | 2002-10-17 | Rudd James M. | System and methods for managing the distribution of electronic content |
| US7904568B2 (en) | 2001-04-05 | 2011-03-08 | Intertrust Technologies Corporation | Systems and methods for managing the distribution of electronic content |
| US20100030869A1 (en) * | 2001-04-05 | 2010-02-04 | Intertrust Technologies Corporation | Systems and methods for managing the distribution of electronic content |
| US7580988B2 (en) * | 2001-04-05 | 2009-08-25 | Intertrust Technologies Corporation | System and methods for managing the distribution of electronic content |
| US7188342B2 (en) | 2001-04-20 | 2007-03-06 | Microsoft Corporation | Server controlled branding of client software deployed over computer networks |
| US20020157091A1 (en) * | 2001-04-20 | 2002-10-24 | Microsoft Corporation | Server controlled branding of client software deployed over computer networks |
| US7099663B2 (en) * | 2001-05-31 | 2006-08-29 | Qualcomm Inc. | Safe application distribution and execution in a wireless environment |
| US20060287958A1 (en) * | 2001-05-31 | 2006-12-21 | Laurence Lundblade | Safe application distribution and execution in a wireless environment |
| US8112076B2 (en) | 2001-05-31 | 2012-02-07 | Qualcomm Incorporated | Safe application distribution and execution in a wireless environment |
| US20100173608A1 (en) * | 2001-05-31 | 2010-07-08 | Laurence Lundblade | Safe application distribution and execution in a wireless environment |
| US20020183056A1 (en) * | 2001-05-31 | 2002-12-05 | Laurence Lundblade | Safe application distribution and execution in a wireless environment |
| USRE48001E1 (en) | 2001-05-31 | 2020-05-19 | Qualcomm Incorporated | Safe application distribution and execution in a wireless environment |
| US7684792B2 (en) | 2001-05-31 | 2010-03-23 | Qualcomm Incorporated | Safe application distribution and execution in a wireless environment |
| US8588766B2 (en) | 2001-05-31 | 2013-11-19 | Qualcomm Incorporated | Safe application distribution and execution in a wireless environment |
| US20030233552A1 (en) * | 2001-06-04 | 2003-12-18 | Adrian Baldwin | Packaging evidence for long term validation |
| US7107456B2 (en) * | 2001-06-04 | 2006-09-12 | Hewlett-Packard Development Company, L.P. | Packaging evidence for long term validation |
| US20020191785A1 (en) * | 2001-06-14 | 2002-12-19 | International Business Machines Corporation | Apparatus and method for encrypting and decrypting data with incremental data validation |
| US7343297B2 (en) | 2001-06-15 | 2008-03-11 | Microsoft Corporation | System and related methods for managing and enforcing software licenses |
| US20020194010A1 (en) * | 2001-06-15 | 2002-12-19 | Bergler Peter M. | System and related methods for managing and enforcing software licenses |
| US7809948B2 (en) * | 2001-06-19 | 2010-10-05 | International Business Machines Corporation | Cellular telephone device having authenticating capability |
| US20060107058A1 (en) * | 2001-06-19 | 2006-05-18 | International Business Machines Corporation | Method and apparatus for uniquely and authoritatively identifying tangible objects |
| US20060107060A1 (en) * | 2001-06-19 | 2006-05-18 | International Business Machines Corporation | Cellular telephone device having authenticating capability |
| US7783887B2 (en) | 2001-06-19 | 2010-08-24 | International Business Machines Corporation | Method and apparatus for providing television services using an authenticating television receiver device |
| US7797541B2 (en) * | 2001-06-19 | 2010-09-14 | International Business Machines Corporation | Method and apparatus for providing cellular telephone service using an authenticating cellular telephone device |
| US20060107057A1 (en) * | 2001-06-19 | 2006-05-18 | International Business Machines Corporation | Method and apparatus for providing television services using an authenticating television receiver device |
| US20060107059A1 (en) * | 2001-06-19 | 2006-05-18 | International Business Machines Corporation | Method and apparatus for providing cellular telephone service using an authenticating cellular telephone device |
| US7818578B2 (en) | 2001-06-19 | 2010-10-19 | International Business Machines Corporation | Method and apparatus for uniquely and authoritatively identifying tangible objects |
| US20030005327A1 (en) * | 2001-06-29 | 2003-01-02 | Julian Durand | System for protecting copyrighted materials |
| US20030005286A1 (en) * | 2001-06-29 | 2003-01-02 | Mcgarvey John R. | Methods, systems and computer program products for authentication between clients and servers using differing authentication protocols |
| US7287156B2 (en) | 2001-06-29 | 2007-10-23 | International Business Machines Corporation | Methods, systems and computer program products for authentication between clients and servers using differing authentication protocols |
| CN101145252B (zh) * | 2001-08-24 | 2010-08-11 | Zih公司 | 媒质保持器和媒质处理系统 |
| US8301886B2 (en) | 2001-08-24 | 2012-10-30 | Zih Corp. | Method and apparatus for article authentication |
| US7137000B2 (en) | 2001-08-24 | 2006-11-14 | Zih Corp. | Method and apparatus for article authentication |
| US20060191022A1 (en) * | 2001-08-24 | 2006-08-24 | Zih Corp. | Method and apparatus for article authentication |
| WO2003019459A3 (en) * | 2001-08-24 | 2004-03-04 | Zih Corp | Method and apparatus for article authentication |
| US7664257B2 (en) | 2001-08-24 | 2010-02-16 | Zih Corp. | Method and apparatus for article authentication |
| WO2003019459A2 (en) * | 2001-08-24 | 2003-03-06 | Zih Corp. | Method and apparatus for article authentication |
| US20100284531A1 (en) * | 2001-08-24 | 2010-11-11 | Zih Corp. | Method and apparatus for article authentication |
| US8667276B2 (en) | 2001-08-24 | 2014-03-04 | Zih Corp. | Method and apparatus for article authentication |
| US6993149B2 (en) | 2001-09-25 | 2006-01-31 | Digimarc Corporation | Embedding digital watermarks in spot colors |
| US20030058477A1 (en) * | 2001-09-25 | 2003-03-27 | Brunk Hugh L. | Embedding digital watermarks in spot colors |
| US6857714B2 (en) | 2001-10-01 | 2005-02-22 | Zih Corp. | Method and apparatus for associating on demand certain selected media and value-adding elements |
| US20030063139A1 (en) * | 2001-10-01 | 2003-04-03 | Hohberger Clive P. | Method and apparatus for associating on demand certain selected media and value-adding elements |
| US20050125658A1 (en) * | 2001-10-23 | 2005-06-09 | Yoshihiro Tsukamoto | Information processing apparatus |
| US20040005059A1 (en) * | 2001-11-05 | 2004-01-08 | Yoshihiko Suzuki | Correspondence education system and correspondence education method |
| US7334125B1 (en) | 2001-11-27 | 2008-02-19 | Cisco Technology, Inc. | Facilitating secure communications among multicast nodes in a telecommunications network |
| US7346781B2 (en) * | 2001-12-06 | 2008-03-18 | Mcafee, Inc. | Initiating execution of a computer program from an encrypted version of a computer program |
| US20030110387A1 (en) * | 2001-12-06 | 2003-06-12 | Cowie Neil Andrew | Initiating execution of a computer program from an encrypted version of a computer program |
| US20030120923A1 (en) * | 2001-12-21 | 2003-06-26 | Avaya Technology Corp. | Secure data authentication apparatus |
| US20030123665A1 (en) * | 2001-12-28 | 2003-07-03 | Dunstan Robert A. | Secure delivery of encrypted digital content |
| US7400729B2 (en) * | 2001-12-28 | 2008-07-15 | Intel Corporation | Secure delivery of encrypted digital content |
| US20030159045A1 (en) * | 2002-02-18 | 2003-08-21 | Fujitsu Limited | Original creating apparatus and originality guaranteeing apparatus |
| US9286603B2 (en) * | 2002-02-27 | 2016-03-15 | Oneempower Pte Ltd | Activity management method |
| US20030163427A1 (en) * | 2002-02-27 | 2003-08-28 | Nicholas Ho Chung Fung | Activity management method |
| US20110119500A1 (en) * | 2002-04-17 | 2011-05-19 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
| US7424612B2 (en) | 2002-04-17 | 2008-09-09 | Microsoft Corporation | Saving and retrieving data based on symmetric key encryption |
| US20110119505A1 (en) * | 2002-04-17 | 2011-05-19 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
| US20110154057A1 (en) * | 2002-04-17 | 2011-06-23 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
| US7765397B2 (en) | 2002-04-17 | 2010-07-27 | Microsoft Corporation | Generating, migrating or exporting bound keys |
| US8601286B2 (en) | 2002-04-17 | 2013-12-03 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
| US20110119501A1 (en) * | 2002-04-17 | 2011-05-19 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
| US20070088946A1 (en) * | 2002-04-17 | 2007-04-19 | Microsoft Corporation | Saving and Retrieving Data Based on Symmetric Key Encryption |
| US20070067624A1 (en) * | 2002-04-17 | 2007-03-22 | Microsoft Corporation | Saving and Retrieving Data Based on Symmetric Key Encryption |
| US7752456B2 (en) | 2002-04-17 | 2010-07-06 | Microsoft Corporation | Saving and retrieving data based on symmetric key encryption |
| US9183406B2 (en) | 2002-04-17 | 2015-11-10 | Microsoft Technology Licensing, Llc | Saving and retrieving data based on public key encryption |
| US7587589B2 (en) | 2002-04-17 | 2009-09-08 | Microsoft Corporation | Saving and retrieving data based on symmetric key encryption |
| US20070086588A1 (en) * | 2002-04-17 | 2007-04-19 | Microsoft Corporation | Saving and Retrieving Data Based on Symmetric Key Encryption |
| US8621243B2 (en) | 2002-04-17 | 2013-12-31 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
| US8589701B2 (en) | 2002-04-17 | 2013-11-19 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
| US8683230B2 (en) | 2002-04-17 | 2014-03-25 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
| US7487365B2 (en) | 2002-04-17 | 2009-02-03 | Microsoft Corporation | Saving and retrieving data based on symmetric key encryption |
| US20030200440A1 (en) * | 2002-04-17 | 2003-10-23 | Paul England | Saving and retrieving data based on symmetric key encryption |
| US7890771B2 (en) | 2002-04-17 | 2011-02-15 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
| US20070088949A1 (en) * | 2002-04-17 | 2007-04-19 | Microsoft Corporation | Saving and Retrieving Data Based on Public Key Encryption |
| US7991995B2 (en) | 2002-05-02 | 2011-08-02 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
| US20030220882A1 (en) * | 2002-05-02 | 2003-11-27 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
| US7406593B2 (en) * | 2002-05-02 | 2008-07-29 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
| US20100212019A1 (en) * | 2002-05-02 | 2010-08-19 | Shieldip, Inc. | Method and Apparatus for Protecting Information and Privacy |
| US8327453B2 (en) | 2002-05-02 | 2012-12-04 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
| US20130238902A1 (en) * | 2002-06-20 | 2013-09-12 | Krimmeni Technologies, Inc. | Method and system for control of code execution on a general purpose computing device and control of code execution in a recursive security protocol |
| US9705677B2 (en) * | 2002-06-20 | 2017-07-11 | Rubicon Labs, Inc. | Method and system for control of code execution on a general purpose computing device and control of code execution in a recursive security protocol |
| US9710617B2 (en) | 2002-06-20 | 2017-07-18 | Rubicon Labs, Inc. | Method and system for a recursive security protocol for digital copyright control |
| US20040002384A1 (en) * | 2002-06-28 | 2004-01-01 | Multerer Boyd C. | Discovery and distribution of game session information |
| US7803052B2 (en) * | 2002-06-28 | 2010-09-28 | Microsoft Corporation | Discovery and distribution of game session information |
| US20100317430A1 (en) * | 2002-06-28 | 2010-12-16 | Microsoft Corporation | Discovery and Distribution of Game Session Information |
| US20040003254A1 (en) * | 2002-07-01 | 2004-01-01 | Masayuki Numao | Network system, server and information terminal for list matching |
| US7979712B2 (en) * | 2002-07-01 | 2011-07-12 | International Business Machines Corporation | Network system, server and information terminal for list matching |
| US7093119B2 (en) | 2002-07-16 | 2006-08-15 | International Business Machines Corporation | Methods and computer program products for protecting source code of an interpreted programming language |
| US8393001B1 (en) | 2002-07-26 | 2013-03-05 | Mcafee, Inc. | Secure signature server system and associated method |
| US20040109187A1 (en) * | 2002-08-30 | 2004-06-10 | Hiroyuki Matsushima | Image processing apparatus, image processing method and program |
| US7640403B2 (en) * | 2002-08-30 | 2009-12-29 | Ricoh Company, Ltd. | Image processing apparatus in which an external application is executed from a storage device |
| US20040059922A1 (en) * | 2002-09-20 | 2004-03-25 | Harris Rodney C. | Continuous voice recognition for user authentication by a digital transmitting device |
| US20040260947A1 (en) * | 2002-10-21 | 2004-12-23 | Brady Gerard Anthony | Methods and systems for analyzing security events |
| US20090126014A1 (en) * | 2002-10-21 | 2009-05-14 | Versign, Inc. | Methods and systems for analyzing security events |
| US7484207B2 (en) * | 2002-12-11 | 2009-01-27 | O'z Co., Ltd. | Software execution control system and software execution control program |
| US20060117314A1 (en) * | 2002-12-11 | 2006-06-01 | Kenji Sato | Software execution control system and software execution control program |
| US7707429B2 (en) | 2002-12-19 | 2010-04-27 | International Business Machines Corporation | System and method to proactively detect software tampering |
| US7305564B2 (en) | 2002-12-19 | 2007-12-04 | International Business Machines Corporation | System and method to proactively detect software tampering |
| US20040123116A1 (en) * | 2002-12-19 | 2004-06-24 | Hongxia Jin | System and Method to Proactively Detect Software Tampering |
| US20080066178A1 (en) * | 2002-12-19 | 2008-03-13 | International Business Machines Corporation | System and Method to Proactively Detect Software Tampering |
| US20040158533A1 (en) * | 2003-02-06 | 2004-08-12 | Steve Messick | Simultaneous network news distribution |
| US7069245B2 (en) | 2003-02-06 | 2006-06-27 | Business Wire | Simultaneous network news distribution |
| US20080215896A1 (en) * | 2003-02-25 | 2008-09-04 | Steve Bourne | Issuing a Publisher Use License Off-Line in a Digital Rights Management (DRM) System |
| US8719171B2 (en) | 2003-02-25 | 2014-05-06 | Microsoft Corporation | Issuing a publisher use license off-line in a digital rights management (DRM) system |
| US8700535B2 (en) | 2003-02-25 | 2014-04-15 | Microsoft Corporation | Issuing a publisher use license off-line in a digital rights management (DRM) system |
| US20040235563A1 (en) * | 2003-02-26 | 2004-11-25 | Blackburn Christopher W. | Game update service in a service-oriented gaming network environment |
| US6965968B1 (en) | 2003-02-27 | 2005-11-15 | Finjan Software Ltd. | Policy-based caching |
| US20040242328A1 (en) * | 2003-03-05 | 2004-12-02 | Blackburn Christopher W. | Boot service in a service-oriented gaming network environment |
| US20040242329A1 (en) * | 2003-03-05 | 2004-12-02 | Blackburn Christopher W. | Discovery service in a service-oriented gaming network environment |
| US8308567B2 (en) | 2003-03-05 | 2012-11-13 | Wms Gaming Inc. | Discovery service in a service-oriented gaming network environment |
| US20040243849A1 (en) * | 2003-03-06 | 2004-12-02 | Blackburn Christopher W. | Authorization service in a service-oriented gaming network environment |
| US20040243848A1 (en) * | 2003-03-06 | 2004-12-02 | Blackburn Christopher W. | Authentication service in a service-oriented gaming network environment |
| US20030177051A1 (en) * | 2003-03-13 | 2003-09-18 | Robin Driscoll | Method and system for managing worker resources |
| US20040242331A1 (en) * | 2003-03-17 | 2004-12-02 | Blackburn Christopher W. | Time service in a service-oriented gaming network environment |
| US20040266532A1 (en) * | 2003-03-27 | 2004-12-30 | Blackburn Christopher W. | Event management service in a service-oriented gaming network environment |
| US20090087018A1 (en) * | 2003-04-15 | 2009-04-02 | Reed Alastair M | Perceptability model applied to watermark signals |
| US8098882B2 (en) | 2003-04-15 | 2012-01-17 | Digimarc Corporation | Perceptability model applied to watermark signals |
| US20040259640A1 (en) * | 2003-04-16 | 2004-12-23 | Gentles Thomas A. | Layered security methods and apparatus in a gaming system environment |
| US20040259633A1 (en) * | 2003-04-16 | 2004-12-23 | Gentles Thomas A. | Remote authentication of gaming software in a gaming system environment |
| US20040266533A1 (en) * | 2003-04-16 | 2004-12-30 | Gentles Thomas A | Gaming software distribution network in a gaming system environment |
| US20040266523A1 (en) * | 2003-04-16 | 2004-12-30 | Gentles Thomas A | Secured networks in a gaming system environment |
| US20050227768A1 (en) * | 2003-05-27 | 2005-10-13 | Blackburn Christopher W | Gaming network environment having a language translation service |
| WO2004114242A1 (en) * | 2003-06-17 | 2004-12-29 | Intelagents, Inc. | System and method for monitoring and detecting a security threat |
| US20070008114A1 (en) * | 2003-06-17 | 2007-01-11 | Intelagents, Inc. | System and method for monitoring a security of an asset |
| US7046138B2 (en) | 2003-06-17 | 2006-05-16 | Intelagents, Inc. | System and method for monitoring a security of an asset |
| US20070164858A1 (en) * | 2003-06-17 | 2007-07-19 | Intelagents, Inc. | Global intelligent remote detection system |
| US7755479B2 (en) | 2003-06-17 | 2010-07-13 | Infraegis, Inc. | Global intelligent remote detection system |
| US7209037B2 (en) | 2003-06-17 | 2007-04-24 | Infraegis, Inc. | System and method for monitoring a security of an asset |
| US20040257223A1 (en) * | 2003-06-17 | 2004-12-23 | Intelagents, Inc | System and method for monitoring a security of an asset |
| US7012520B2 (en) | 2003-06-17 | 2006-03-14 | Infraegis, Inc. | Global intelligent remote detection system |
| US20050002533A1 (en) * | 2003-07-01 | 2005-01-06 | Langin-Hooper Jerry Joe | Fully secure message transmission over non-secure channels without cryptographic key exchange |
| US20060161777A1 (en) * | 2003-07-11 | 2006-07-20 | Koninklijke Philips Electronics N.V. | Watermark embedding and detection |
| US8738535B2 (en) | 2003-08-15 | 2014-05-27 | Inter-Tel (DE) Inc | System and method for software site licensing |
| US20050038751A1 (en) * | 2003-08-15 | 2005-02-17 | Gaetano Arthur Louis | System and method for software site licensing |
| US20050038752A1 (en) * | 2003-08-15 | 2005-02-17 | Gaetano Arthur Louis | System and method for software site licensing |
| US20050071656A1 (en) * | 2003-09-25 | 2005-03-31 | Klein Dean A. | Secure processor-based system and method |
| US20070186117A1 (en) * | 2003-09-25 | 2007-08-09 | Klein Dean A | Secure processor-based system and method |
| US20070083726A1 (en) * | 2003-10-13 | 2007-04-12 | Koninklijke Philips Electronics N.V. | Storage allocation per application |
| US7516147B2 (en) | 2003-10-23 | 2009-04-07 | Sumisho Computer Systems Corporation | URL system and method for licensing content |
| US20050091216A1 (en) * | 2003-10-23 | 2005-04-28 | Curl Corporation | URL system and method for licensing content |
| US20050108548A1 (en) * | 2003-11-14 | 2005-05-19 | Yusuke Ohta | System and method for verifying validity of a product |
| US7802085B2 (en) | 2004-02-18 | 2010-09-21 | Intel Corporation | Apparatus and method for distributing private keys to an entity with minimal secret, unique information |
| US20050182930A1 (en) * | 2004-02-18 | 2005-08-18 | Alcatel | Method and a device for transforming an operating system to protect a computer program against attack |
| US8639915B2 (en) | 2004-02-18 | 2014-01-28 | Intel Corporation | Apparatus and method for distributing private keys to an entity with minimal secret, unique information |
| US20050180572A1 (en) * | 2004-02-18 | 2005-08-18 | Graunke Gary L. | Apparatus and method for distributing private keys to an entity with minimal secret, unique information |
| US20050246530A1 (en) * | 2004-03-31 | 2005-11-03 | Canon Kabushiki Kaisha | Confirmation method of software and apparatus for executing software |
| US7590851B2 (en) * | 2004-03-31 | 2009-09-15 | Canon Kabushiki Kaisha | Confirmation method of software and apparatus for executing software |
| US8239958B2 (en) | 2004-03-31 | 2012-08-07 | Canon Kabushiki Kaisha | Confirmation method of software and apparatus for executing software |
| US20090228880A1 (en) * | 2004-03-31 | 2009-09-10 | Canon Kabushiki Kaisha | Confirmation method of software and apparatus for executing software |
| US7287159B2 (en) | 2004-04-01 | 2007-10-23 | Shieldip, Inc. | Detection and identification methods for software |
| US20050228989A1 (en) * | 2004-04-01 | 2005-10-13 | Shieldip, Inc. | Detection and identification methods for software |
| US7693286B2 (en) * | 2004-07-14 | 2010-04-06 | Intel Corporation | Method of delivering direct proof private keys in signed groups to devices using a distribution CD |
| US20060013400A1 (en) * | 2004-07-14 | 2006-01-19 | Sutton James A Ii | Method of delivering direct proof private keys in signed groups to devices using a distribution CD |
| US8347078B2 (en) | 2004-10-18 | 2013-01-01 | Microsoft Corporation | Device certificate individualization |
| US9336359B2 (en) | 2004-10-18 | 2016-05-10 | Microsoft Technology Licensing, Llc | Device certificate individualization |
| US8200476B2 (en) * | 2004-11-04 | 2012-06-12 | Avaya Inc. | Message file editing process |
| US20060095774A1 (en) * | 2004-11-04 | 2006-05-04 | Butterfield Bruce D | Message file editing process |
| US8176564B2 (en) | 2004-11-15 | 2012-05-08 | Microsoft Corporation | Special PC mode entered upon detection of undesired state |
| US20060136747A1 (en) * | 2004-11-15 | 2006-06-22 | Microsoft Corporation | Changing product behavior in accordance with license |
| US8336085B2 (en) | 2004-11-15 | 2012-12-18 | Microsoft Corporation | Tuning product policy using observed evidence of customer behavior |
| US9224168B2 (en) | 2004-11-15 | 2015-12-29 | Microsoft Technology Licensing, Llc | Tuning product policy using observed evidence of customer behavior |
| US7694153B2 (en) | 2004-11-15 | 2010-04-06 | Microsoft Corporation | Changing product behavior in accordance with license |
| US20060117181A1 (en) * | 2004-11-30 | 2006-06-01 | Brickell Ernest F | Apparatus and method for establishing a secure session with a device without exposing privacy-sensitive information |
| US8924728B2 (en) | 2004-11-30 | 2014-12-30 | Intel Corporation | Apparatus and method for establishing a secure session with a device without exposing privacy-sensitive information |
| US20080288786A1 (en) * | 2004-12-20 | 2008-11-20 | Michael Stephen Fiske | System with access keys |
| US20060236114A1 (en) * | 2005-04-05 | 2006-10-19 | Ntt Docomo, Inc. | Application program verification system, application program verification method and computer program |
| US8332823B2 (en) | 2005-04-05 | 2012-12-11 | Ntt Docomo, Inc. | Application program verification system, application program verification method and computer program |
| US8725646B2 (en) | 2005-04-15 | 2014-05-13 | Microsoft Corporation | Output protection levels |
| US9363481B2 (en) | 2005-04-22 | 2016-06-07 | Microsoft Technology Licensing, Llc | Protected media pipeline |
| US20060242406A1 (en) * | 2005-04-22 | 2006-10-26 | Microsoft Corporation | Protected computing environment |
| US9436804B2 (en) | 2005-04-22 | 2016-09-06 | Microsoft Technology Licensing, Llc | Establishing a unique session key using a hardware functionality scan |
| US9189605B2 (en) | 2005-04-22 | 2015-11-17 | Microsoft Technology Licensing, Llc | Protected computing environment |
| CN101938471B (zh) * | 2005-04-22 | 2012-04-04 | 林建华 | 管理公开金钥密码学的公开与秘密金钥对的方法 |
| US8438645B2 (en) | 2005-04-27 | 2013-05-07 | Microsoft Corporation | Secure clock with grace periods |
| US8781969B2 (en) | 2005-05-20 | 2014-07-15 | Microsoft Corporation | Extensible media rights |
| US20060271493A1 (en) * | 2005-05-24 | 2006-11-30 | Contentguard Holdings, Inc. | Method and apparatus for executing code in accordance with usage rights |
| US20060271915A1 (en) * | 2005-05-24 | 2006-11-30 | Contentguard Holdings, Inc. | Usage rights grammar and digital works having usage rights created with the grammar |
| US8597122B2 (en) * | 2005-05-31 | 2013-12-03 | Aristocrat Technologies Australia Pty Ltd | Password entry system |
| US20130084974A1 (en) * | 2005-05-31 | 2013-04-04 | Stephen Byng | Password Entry System |
| US20060282899A1 (en) * | 2005-06-08 | 2006-12-14 | Microsoft Corporation | System and method for delivery of a modular operating system |
| US8353046B2 (en) | 2005-06-08 | 2013-01-08 | Microsoft Corporation | System and method for delivery of a modular operating system |
| US20070011453A1 (en) * | 2005-07-07 | 2007-01-11 | Nokia Corporation | Establishment of a trusted relationship between unknown communication parties |
| US8132005B2 (en) * | 2005-07-07 | 2012-03-06 | Nokia Corporation | Establishment of a trusted relationship between unknown communication parties |
| US7698227B1 (en) * | 2005-07-14 | 2010-04-13 | Sun Microsystems, Inc. | System and method for providing traceable acknowledgement of a digital data distribution license |
| US20070016770A1 (en) * | 2005-07-18 | 2007-01-18 | Dell Products L.P. | System and method for managing the initiation of software programs in an information handling system |
| US20100203960A1 (en) * | 2005-07-20 | 2010-08-12 | Wms Gaming Inc. | Wagering game with encryption and authentication |
| US20110183748A1 (en) * | 2005-07-20 | 2011-07-28 | Wms Gaming Inc. | Wagering game with encryption and authentication |
| US8775316B2 (en) | 2005-07-20 | 2014-07-08 | Wms Gaming Inc. | Wagering game with encryption and authentication |
| US20070056035A1 (en) * | 2005-08-16 | 2007-03-08 | Drew Copley | Methods and systems for detection of forged computer files |
| US20090185681A1 (en) * | 2005-08-19 | 2009-07-23 | Nxp B.V. | Circuit arrangement and method for rsa key generation |
| US8265265B2 (en) * | 2005-08-19 | 2012-09-11 | Nxp B.V. | Circuit arrangement and method for RSA key generation |
| US8023645B2 (en) * | 2005-08-19 | 2011-09-20 | Nxp B.V. | Circuit arrangement for and method of performing an inversion operation in a cryptographic calculation |
| US20090028325A1 (en) * | 2005-08-19 | 2009-01-29 | Nxp B.V. | Circuit arrangement for and method of performing an inversion operation in a cryptographic calculation |
| US20070067630A1 (en) * | 2005-09-16 | 2007-03-22 | Dmitry Lenkov | Trusted information exchange based on trust agreements |
| US8682795B2 (en) * | 2005-09-16 | 2014-03-25 | Oracle International Corporation | Trusted information exchange based on trust agreements |
| US20070071238A1 (en) * | 2005-09-29 | 2007-03-29 | Research In Motion Limited | System and method for providing an indication of randomness quality of random number data generated by a random data service |
| US8452970B2 (en) * | 2005-09-29 | 2013-05-28 | Research In Motion Limited | System and method for code signing |
| US9077524B2 (en) | 2005-09-29 | 2015-07-07 | Blackberry Limited | System and method for providing an indication of randomness quality of random number data generated by a random data service |
| US8340289B2 (en) | 2005-09-29 | 2012-12-25 | Research In Motion Limited | System and method for providing an indication of randomness quality of random number data generated by a random data service |
| US20100332848A1 (en) * | 2005-09-29 | 2010-12-30 | Research In Motion Limited | System and method for code signing |
| USRE49334E1 (en) | 2005-10-04 | 2022-12-13 | Hoffberg Family Trust 2 | Multifactorial optimization system and method |
| US7953225B2 (en) * | 2005-10-21 | 2011-05-31 | Harris Corporation | Mobile wireless communications device with software installation and verification features and related methods |
| US20070094508A1 (en) * | 2005-10-21 | 2007-04-26 | Harris Corporation | Mobile wireless communications device with software installation and verification features and related methods |
| US20070156602A1 (en) * | 2005-12-07 | 2007-07-05 | Seiko Epson Corporation | Information distribution apparatus, information processing apparatus, printing apparatus, control method of information distribution apparatus, control method of information processing apparatus, and control program |
| US8818897B1 (en) * | 2005-12-15 | 2014-08-26 | Rockstar Consortium Us Lp | System and method for validation and enforcement of application security |
| US20070152854A1 (en) * | 2005-12-29 | 2007-07-05 | Drew Copley | Forgery detection using entropy modeling |
| US20070160202A1 (en) * | 2006-01-11 | 2007-07-12 | International Business Machines Corporation | Cipher method and system for verifying a decryption of an encrypted user data key |
| US7499552B2 (en) | 2006-01-11 | 2009-03-03 | International Business Machines Corporation | Cipher method and system for verifying a decryption of an encrypted user data key |
| US8775508B2 (en) | 2006-03-14 | 2014-07-08 | Altnet, Inc. | Filter for a distributed network |
| US20070220116A1 (en) * | 2006-03-14 | 2007-09-20 | Anthony Rose | Filter for a Distributed Network |
| US9098683B2 (en) | 2006-03-14 | 2015-08-04 | Global File Systems Holdings, Llc | Filter for a distributed network |
| US8185576B2 (en) | 2006-03-14 | 2012-05-22 | Altnet, Inc. | Filter for a distributed network |
| US8014530B2 (en) | 2006-03-22 | 2011-09-06 | Intel Corporation | Method and apparatus for authenticated, recoverable key distribution with no database secrets |
| US20070294181A1 (en) * | 2006-05-22 | 2007-12-20 | Saurabh Chheda | Flexible digital rights management with secure snippets |
| US8311650B2 (en) * | 2006-07-13 | 2012-11-13 | Mitsubishi Electric Corporation | Equipment management system, programmable controller and centralized controller |
| US20100004758A1 (en) * | 2006-07-13 | 2010-01-07 | Mitsubishi Electric Corporation | Equipment management system, programmable controller and centralized controller |
| CN101473282B (zh) * | 2006-07-13 | 2012-10-17 | 三菱电机株式会社 | 设备管理系统、可编程控制器以及集中控制器 |
| US8172686B2 (en) | 2006-08-08 | 2012-05-08 | Wms Gaming Inc. | Configurable wagering game manager |
| US8204214B2 (en) * | 2006-10-30 | 2012-06-19 | Hewlett-Packard Development Company, L.P. | Method and system for generating data transaction ID |
| US20080122624A1 (en) * | 2006-10-30 | 2008-05-29 | Hewlett-Packard Development Company, L.P. | Method and system for generating data transaction id |
| US8356351B2 (en) * | 2007-01-19 | 2013-01-15 | International Business Machines Corporation | Method and device for verification of code module in virtual machine |
| US20080209556A1 (en) * | 2007-01-19 | 2008-08-28 | International Business Machines Corporation | Method and device for verification of code module in virtual machine |
| US8682800B2 (en) * | 2007-01-30 | 2014-03-25 | Microsoft Corporation | Controlling access to technology based upon authorization |
| US20080183625A1 (en) * | 2007-01-30 | 2008-07-31 | Microsoft Corporation | Controlling access to technology based upon authorization |
| US20100318804A1 (en) * | 2007-06-12 | 2010-12-16 | Volkovs Nikolajs | Scheme of applying the modified polynomial-based hash function in the digital signature algorithm based on the division algorithm |
| US7974409B2 (en) * | 2007-06-28 | 2011-07-05 | Samsung Electronics Co., Ltd. | Changing the order of public key cryptographic computations |
| US20090003606A1 (en) * | 2007-06-28 | 2009-01-01 | Samsung Electronics Co., Ltd. | Changing the order of public key cryptographic computations |
| US20090012864A1 (en) * | 2007-07-02 | 2009-01-08 | Goldberg Sheldon F | Compensation model for network services |
| US20090119779A1 (en) * | 2007-11-06 | 2009-05-07 | The Mathworks, Inc. | License activation and management |
| US10013536B2 (en) * | 2007-11-06 | 2018-07-03 | The Mathworks, Inc. | License activation and management |
| CN101593257B (zh) * | 2008-05-27 | 2011-02-16 | 北京飞天诚信科技有限公司 | 基于.Net虚拟机的软件保护系统和方法 |
| US20090313171A1 (en) * | 2008-06-17 | 2009-12-17 | Microsoft Corporation | Electronic transaction verification |
| CN101436141B (zh) * | 2008-11-21 | 2012-07-18 | 深圳创维数字技术股份有限公司 | 基于数字签名的固件升级、固件封装方法与装置 |
| US20100131272A1 (en) * | 2008-11-25 | 2010-05-27 | Institute For Information Industry | Apparatus and method for generating and verifying a voice signature of a message and computer readable medium thereof |
| US9135434B2 (en) * | 2010-04-19 | 2015-09-15 | Appcentral, Inc. | System and method for third party creation of applications for mobile appliances |
| US20110276805A1 (en) * | 2010-04-19 | 2011-11-10 | Aashin Nagpal | System and Method for Third Party Creation of Applications for Mobile Appliances |
| JP2012088765A (ja) * | 2010-10-15 | 2012-05-10 | Hitachi Solutions Ltd | プログラム起動制御方法、プログラム起動制御プログラム、携帯端末、ネットワークシステム |
| US9152779B2 (en) | 2011-01-16 | 2015-10-06 | Michael Stephen Fiske | Protecting codes, keys and user credentials with identity and patterns |
| US8732831B2 (en) | 2011-07-14 | 2014-05-20 | AVG Netherlands B.V. | Detection of rogue software applications |
| US9098678B2 (en) * | 2011-09-15 | 2015-08-04 | Verizon Patent And Licensing Inc. | Streaming video authentication |
| US20130074168A1 (en) * | 2011-09-15 | 2013-03-21 | Verizon Patent And Licensing Inc. | Streaming video authentication |
| US20130104232A1 (en) * | 2011-10-25 | 2013-04-25 | Raytheon Company | Appliqué providing a secure deployment environment (sde) for a wireless communications device |
| US9098696B2 (en) * | 2011-10-25 | 2015-08-04 | Raytheon Company | Appliqué providing a secure deployment environment (SDE) for a wireless communications device |
| US9575906B2 (en) | 2012-03-20 | 2017-02-21 | Rubicon Labs, Inc. | Method and system for process working set isolation |
| US20160134422A1 (en) * | 2012-06-29 | 2016-05-12 | Kip Sign P1 Lp | System and method for identifying software changes |
| US9323951B2 (en) | 2013-03-13 | 2016-04-26 | International Business Machines Corporation | Encrypted warranty verification and diagnostic tool |
| US10419217B2 (en) * | 2014-11-06 | 2019-09-17 | Huawei Technologies Co., Ltd. | Security information configuration method, security verification method, and related chip |
| US11403685B2 (en) * | 2016-10-17 | 2022-08-02 | Blackberry Limited | Automatic distribution of licenses for a third-party service operating in association with a licensed first-party service |
| US10262127B2 (en) | 2017-04-05 | 2019-04-16 | General Electric Company | Systems and method for securely sharing and executing data and models |
| US10706164B2 (en) * | 2017-09-29 | 2020-07-07 | Intel Corporation | Crypto-enforced capabilities for isolation |
| US20190102567A1 (en) * | 2017-09-29 | 2019-04-04 | Intel Corporation | Crypto-enforced capabilities for isolation |
| US11177948B2 (en) * | 2017-10-19 | 2021-11-16 | Bank Of America Corporation | Method and apparatus for perfect forward secrecy using deterministic hierarchy |
| US10574451B2 (en) * | 2017-10-19 | 2020-02-25 | Bank Of America Corporation | Method and apparatus for perfect forward secrecy using deterministic hierarchy |
| TWI643160B (zh) * | 2017-11-16 | 2018-12-01 | 國立臺北科技大學 | 利用權重參數與餘數定義隱寫資料於區塊截斷編碼影像的方法、影像壓縮裝置及電腦可讀取的記錄媒體 |
| KR101979323B1 (ko) * | 2017-12-18 | 2019-05-15 | 주식회사 캐드서브 | 소프트웨어 저작권 인증 관리 방법 |
| US20190236269A1 (en) * | 2018-01-31 | 2019-08-01 | International Business Machines Corporation | Detecting third party software elements |
| US11050735B2 (en) * | 2018-08-23 | 2021-06-29 | International Business Machines Corporation | Customizable authentication system |
| US11979393B2 (en) | 2018-08-23 | 2024-05-07 | Green Market Square Limited | Customizable authentication system |
| US11562073B2 (en) | 2018-11-28 | 2023-01-24 | The Boeing Company | Systems and methods of software load verification |
| US10951404B1 (en) * | 2020-06-09 | 2021-03-16 | Quantropi Inc. | Methods and systems for digital message encoding and signing |
| US11641347B2 (en) | 2021-03-10 | 2023-05-02 | Quantropi Inc. | Quantum-safe cryptographic methods and systems |
| WO2023014248A1 (en) | 2021-08-03 | 2023-02-09 | Mohammed Alawi E Geoffrey | Methods and systems for verification method to validate documents |
Also Published As
| Publication number | Publication date |
|---|---|
| EP0686906A3 (de) | 1997-08-06 |
| JPH08166879A (ja) | 1996-06-25 |
| DE69534212T2 (de) | 2006-01-12 |
| DE69534212D1 (de) | 2005-06-23 |
| EP0686906A2 (de) | 1995-12-13 |
| DE69534212T8 (de) | 2006-04-27 |
| EP0686906B1 (de) | 2005-05-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5724425A (en) | Method and apparatus for enhancing software security and distributing software | |
| Diffie | The first ten years of public-key cryptography | |
| Diffie et al. | New directions in cryptography | |
| Leighton et al. | Secret-key agreement without public-key cryptography | |
| Abe | Mix-networks on permutation networks | |
| Pfitzmann | Trials of traced traitors | |
| Diffie et al. | Authentication and authenticated key exchanges | |
| Clark et al. | A survey of authentication protocol literature | |
| Desmedt et al. | Weaknesses of undeniable signature schemes | |
| Frankel et al. | Parallel reliable threshold multisignature | |
| Bellare et al. | Encapsulated key escrow | |
| Alfred et al. | Handbook of applied cryptography | |
| Kiayias et al. | Extracting group signatures from traitor tracing schemes | |
| Oppliger | Cryptography 101: From Theory to Practice | |
| KR20010013155A (ko) | 자동 복구가능하고 자동 증명가능한 암호체계들 | |
| Oppliger | Secure messaging on the internet | |
| Paillier | Paillier Encryption and Signature Schemes. | |
| Rueppel | A formal approach to security architectures | |
| Nuoskala et al. | FE [r] Chain: Enforcing Fairness in Blockchain Data Exchanges Through Verifiable Functional Encryption | |
| Maurer | Cryptography 2000±10 | |
| Faust et al. | Statement-oblivious threshold witness encryption | |
| Diffie et al. | 6. New Directions in | |
| Leighton et al. | Secret Key Agreement without Public-Key Cryptography | |
| Baek | Construction and formal security analysis of cryptographic schemes in the public key setting | |
| Sakuraii et al. | A key escrow system with protecting user's privacy by blind decoding |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AS | Assignment |
Owner name: SUN MICROSYSTEMS, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CHANG, SHEUE-LING;GOSLING, JAMES A.;REEL/FRAME:007111/0400;SIGNING DATES FROM 19940711 TO 19940719 |
|
| AS | Assignment |
Owner name: SUN MICROSYSTEMS, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:FIRSTPERSON, INC.;REEL/FRAME:008110/0493 Effective date: 19950630 |
|
| STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
| FPAY | Fee payment |
Year of fee payment: 4 |
|
| FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
| FPAY | Fee payment |
Year of fee payment: 8 |
|
| FPAY | Fee payment |
Year of fee payment: 12 |